EU cybercop: Europe battles insiders-turned-hackers

The security adviser for the European Electronic Crimes Task Force (EECTF) in Milan, Italy, warned this week that Europe is dealing with a growing problem that has already had ramifications for governments and businesses around the world: insiders who become hackers for profit.

"The 'gray hat' phenomenon is growing in Europe," said Dario Forte, referring to people employed as security consultants who also engage in criminal computer hacking. "Companies should increase screening and control of IT personnel. And customers should think twice before leaving their IT systems in the hands of contractors."

Forte, who prior to joining the EECTF was the director of the Italian financial police, spoke at the Black Hat security conference here.

He outlined a recent investigation into an Italian hacker group known as the Reservoir Dogs. Of the 14 members arrested last August by the Italian financial police in what became known as Operation Rootkit, 10 were employed as security experts and four were minors. The group was responsible for a series of hacking incidents that spanned the globe and included the likes of NASA, the U.S. Army and Navy and various financial companies in the U.S. and abroad.

"Some were working as information security managers in big consulting firms and Internet service providers, even Italian branches of U.S. companies," said Forte. "They were white hats by day and black hats by night."

Because the case is still open, Dario couldn't name the companies involved. However, he did say that Operation Rootkit involved investigations into more than 1,000 compromised systems in the U.S. and Europe, including 100 U.S. military and government systems. Law enforcement officials from the U.S. and Europe seized more than 40 computers belonging to the hackers, as well as nearly a terabyte worth of evidence that included hundreds of stolen credit card numbers.

The Reservoir Dogs, led by a hacker known as Pentoz, employed internal communications methods similar to those used by organized crime rings, such as encrypted Internet Relay Chat sessions, secure shell and IPv6 tunnels, said Forte. In addition, "they used compromised machines for one single criminal act and then they burned it (clean of evidence)," he said.

In addition to using a compromised University of Pennsylvania system to launch attacks, the group also took control of a corporate Web server in Germany and used it to attack U.S. Army systems. Working with the U.S. Army's criminal Investigation Division, Forte was able to trace many of the attacks back to a flat-rate dial-up service in Italy that was used by members of the group.

"Without international cooperation, it wouldn't have been possible to achieve a good correlation of events," said Forte.

In a more recent case dubbed the Cyprus Credit Card Case, Forte was notified that the leader of a worldwide credit card trafficking ring had been arrested in Cyprus. The EECTF was able to arrange for the travel of both the evidence and police officers involved in the case to its forensic lab in Italy. Once in Italy, the EECTF was able to conduct a forensic examination that recovered enough evidence to keep the defendants in jail until a more complete investigation could be completed in the U.S.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Dan Verton

Computerworld
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?