The Voice of the White House
Washington, D.C. July 18, 2016: “For the past ten years, there have been growing fears that somehow, outsiders have been able to penetrate into the confidential computer files of government agencies, business entities such as banks and defense contractors, and individuals.
Some of this appeared to be an attempt to obtain highly classified information that could be of use to others and in other instances, attempts to get into the personal, and corporate, bank accounts of individuals and corporations.
This is a brief study of some of the salient aspects of this problem of computer theft and espionage and we will start with the discovery of massive computer penetration in Israel. We will then consider further penetrations of American business and intelligence computer systems by agents of a foreign government as opposed to confidence men and then conclude with the use of the same methods to commit frauds on the gullible in the United States and elsewhere.
Some of the first public notice of this problem surfaced in Israel in 2004, when Israeli law enforcement cyber crime experts discovered that what is known as a Trojan Horse (illicit spyware planted on an unsuspecting computer) had been inserted into about 60 major Israeli businesses. Israeli law enforcement subsequently indicted various members of three of Israel’s largest private investigative agencies on charges of criminal fraud. These spyware plants were in various commercial areas such as: Israeli military contracting, telephone systems, cable television, finance, automobile and cigarette importing, journalism and high technology. These intrusive spyware plants were nearly identical with ones developed by the American NSA and widely used inside the United States to glean political, economic and counter-intelligence information from a huge number of American businesses and agencies. Israeli investigators believed that there was illicit cooperation between the American agency and a counterpart in Israel.
These Trojan horses that penetrated the Israeli computers came packaged inside a compact disc or were sent as an e-mail message that appeared to be from an institution or a person that the victims thought they knew very well. Once the program was installed, it functioned every time the victim’s computer system was in use, logging keystrokes or collecting sensitive documents and passwords before transmitting the information elsewhere.
This clandestine theft of valuable commercial, military and political secrets is certainly not limited to Israel, and many important agencies and individuals have become increasingly concerned about what is called “phishing”, in which both con men and foreign (and domestic) intelligence agencies can locate, capture and use valuable personal, political and financial information. In September of 2005, the Anti-Phishing Working Group, an ad hoc group of corporate and law enforcement groups that track identity theft and other online crimes, said it had received more than 13,000 unique reports of phishing schemes in that month alone, up from nearly 7,000 in the month of October, 2004.
In late 2005, a new form of phishing, called “spear-phishing” emerged.
So-called spear-phishing is a highly concentrated and far more effective version of phishing. That’s because those behind the schemes bait their hooks for specific victims instead of casting a broad, ill-defined net across cyberspace hoping to catch throngs of unknown victims.
Spear-phishing, say security specialists, is much harder to detect than phishing. Bogus e-mail messages and Web sites not only look like near perfect replicas of communiqués from e-commerce companies like eBay or its PayPal service, banks or even a victim’s employer, but are also targeted at people known to have an established relationship with the sender being mimicked. American banks such as Chase and Bank of America are among those whose names are faked, and the online auction house eBay and the international money transfer firm PayPal also receive considerable attention from the international conmen and credit thieves. These thieves are not necessarily gangs operating for financial gain; their activities also include theft of trade secrets, private corporate banking and highly sensitive military and political information.
While some of these phishers are merely out to make money, others are interested in securing military secrets and political activities, all at the highest, and what are hopefully considered the most secure, levels.
As a case in point, in June of 2005, the National Infrastructure Security Coordination Centre, a British government agency that monitors national UK computer security, took the step of publicly warning about a spear-phishing campaign of “targeted Trojan e-mail attacks” aimed at industrial and government computer networks. The warning noted that the e-mail messages appeared to come from a trusted sender, that antivirus software and firewalls were completely incapable of protecting recipients, and that, in fact, there was no way to completely protect any computer connected to the Internet from the Trojan attacks once recipients opened and downloaded a faked e-mail message containing a virus.
The report noted that: “Files used by the attackers are often publicly available on the Web or have been sent to distribution lists,” the warning said. “The attackers are able to receive, trojanise and resend a document within 120 minutes of its release, indicating a high level of sophistication.”
Also, a more traditional phishing scam infected about 30,000 individual computers worldwide, according to CipherTrust, a computer security firm. Consisting of what CipherTrust said was about 50 million e-mail messages that a German hacker deployed simultaneously, the communiqués purported to come from the Federal Bureau of Investigation, the Central Intelligence Agency and a German intelligence agency and tried to convince recipients to provide personal information and open a file containing a virus. The F.B.I. issued a warning about the scheme and a spokeswoman said that thousands of people swamped the agency with phone calls inquiring about it. Public awareness and FBI actions sharply reduced and finally obliterated this specific form of fraud, but no information has been released to the public by the FBI concerning the identity or motives of many of the hackers. No bank or financial institution ever contacts their depositors and customers by email with warnings about misuse of their credit cards or errors in their personal accounts. The phishers have advanced technologically to the point where actual company logos can be snatched from Web sites to build customized databases of corporate logos. Any email message purporting to come from any bank or financial institution, most especially one that has the proper company logo and format but contains grammatical errors, should never be responded to.
Some computer security specialists suggest at least one basic approach that might allow e-mail recipients to learn right away that a communiqué appearing to come from a company like Amazon.com actually originated somewhere in the Ukraine, Romania, Bulgaria, Poland, Russia or any of the other places that law enforcement officials say are hot spots for phishing scams.
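The article does not name the approach; one check of this kind is to compare the domain a message claims in its From: line with the origin the recipient's own mail gateway recorded. The following is an added example, not from the original article: the sample message, the `trusted_gateway` parameter and the Postfix-style Received format are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not from the article); hosts and IPs are reserved example values.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby mailstore.recipient.example; Mon, 18 Jul 2016 10:00:05 +0000
Received: from relay7.bulk-host.example (relay7.bulk-host.example [203.0.113.44])
\tby mx.recipient.example; Mon, 18 Jul 2016 10:00:03 +0000
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=bulk-host.example
Return-Path: <bounce@bulk-host.example>
From: "Amazon.com" <account-update@amazon.com>
Subject: Problem with your order

Please confirm your account details.
"""

# Assumed Postfix-style hop: "from HELO (rdns-name [ip]) by receiver;"
HOP = re.compile(r"from\s+\S+\s+\(([^\s\[\]]+)\s+\[[^\]]+\]\).*?\bby\s+([^\s;]+)", re.S)

def base_domain(host):
    # Simplification: last two labels; production code needs a public-suffix list.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def origin_findings(raw, trusted_gateway):
    """Return reasons the recorded origin disagrees with the From: domain."""
    msg = message_from_string(raw)
    claimed = base_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    findings = []
    bounce = parseaddr(msg.get("Return-Path", ""))[1]
    if bounce and base_domain(bounce.rpartition("@")[2]) != claimed:
        findings.append("return-path-mismatch")
    # Only the hop stamped by our own gateway is trustworthy; Received
    # lines written before it come from the sender's side and can be forged.
    for hop in msg.get_all("Received", []):
        m = HOP.search(hop)
        if m and m.group(2).lower() == trusted_gateway:
            if base_domain(m.group(1)) != claimed:
                findings.append("relay-mismatch")
            break
    # Accept an SPF verdict only when our own gateway is the one reporting it.
    for ar in msg.get_all("Authentication-Results", []):
        spf = re.search(r"\bspf=(\w+)", ar)
        if spf and ar.strip().lower().startswith(trusted_gateway):
            if spf.group(1).lower() in ("fail", "softfail"):
                findings.append("spf-fail")
    return findings

if __name__ == "__main__":
    print(origin_findings(SAMPLE, "mx.recipient.example"))
```

A relay mismatch alone is weak evidence, since legitimate companies often send through third-party mail providers; it matters most when it coincides with a failed SPF verdict from the recipient's own gateway.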
According to CipherTrust, a spear-phisher can rent a server for about $300 a month after paying a $100 setup fee; install spam-sending software on the server for about $1,200 a month; and get spam-sending proxies, a database of e-mail addresses, and other necessary add-ons for another $1,900 a month. How much phishers make depends on how many victims they hook, but the relatively small expense means the work can be lucrative. According to a research report issued in June by Gartner Inc., a consulting firm, about 2.4 million Americans reported losing about $929 million to phishing schemes during the previous year.
In 2016, it has been estimated by the FBI and private cyber-protection agencies that about 82 million American adults who use the Internet believed that they received an average of more than 50 phishing e-mails during the prior 12 months. And that, of course, is just what Internet users actually know might be happening.
Phishers’ main goal is to obtain a victim’s checking-account number and, in addition, credit card and A.T.M. card numbers, which they can copy onto bogus cards they have manufactured for the purpose of extracting money and goods from a victim’s account.
It should be noted that many American banks have serious security gaps in the software used to analyze magnetic stripe coding on the back of A.T.M. cards, and these gaps have permitted card hijackers to use bogus copies. American regulators, concerned about online vulnerabilities at the country’s banks, have sharply tightened security requirements at financial institutions.
Although Internet Protocol (IP) addresses lead to Italy, the Netherlands, the Ukraine, Romania, Bulgaria, Poland, and Russia, a secret investigation by NSA and other American domestic and foreign intelligence agencies has disclosed that almost all of the scams originate inside Israel and that, while the Israeli authorities are aware of this, because information considered “vital to the interests of the State of Israel” is part of the intercepts, no action has been taken against operations that are not directed against Israeli agencies or individuals. Further, one of the caveats to the continued functioning of these enormously profitable computer frauds is that any monies gleaned from them must be deposited in Israeli, and not foreign, banks.
Israeli intelligence, having formed a cooperative association with Israeli internet swindlers, has, according to an NSA report, not hesitated to spy on their American counterparts.
Among the Israeli corporations on the receiving end of stolen information were two telecommunications affiliates of Bezeq, the country’s largest telephone company. The Israeli government held a controlling interest in Bezeq until it sold most of its stake to private investors, including Los Angeles media mogul Haim Saban, shortly before the Trojan horse scandal became public. A lawyer representing Bezeq and the two affiliates, YES and Pele-Phone, declined to comment on the investigation; Mr. Wismonsky said that Bezeq itself appeared to have been a victim, not a recipient, of stolen information.”