National

FBI breaks sophisticated worldwide cyberattack

RALEIGH, N.C. —In November 2008, with the nation transfixed by a presidential election and a collapsing economy, a group of international hackers infiltrated the computer network of a major financial services company in what authorities describe as one of the most sophisticated attacks ever concocted.

Their work was both furtive and impressive: Around the time Barack Obama was securing his White House win, the hackers entered RBS WorldPay servers, accessed prepaid payroll card numbers, cracked their encrypted PIN codes, raised the balances on the cards and distributed dozens of them to a team of people around the world.

Then, in the span of 12 hours around Nov. 8 of that year, the group hit 2,100 ATM terminals in 280 cities spanning the world, from the United States to Russia to Italy to Japan. Prosecutors say they withdrew $9 million — a haul that rivals 1,000 typical bank robberies in the United States.

Despite the technical and international challenges of the case, U.S. investigators believe they were able to trace the scheme back to its origin. On Friday they brought one of the accused ringleaders from Estonia to Atlanta to face arraignment on several fraud charges — a rare appearance in U.S. courts for an accused international hacker.

Sergei Tsurikov, 26, of Tallinn, Estonia, pleaded not guilty at his arraignment to conspiracy to commit computer fraud, computer fraud, conspiracy to commit wire fraud, wire fraud and aggravated identity theft.

FBI officials said in interviews with the Associated Press that they weren't so much drawn to the case by the dollar amount of the RBS heist but by the coordination. It exemplified the international scope and increasing acumen of cyberattacks.

"As people become more technically proficient and get access to the Internet, we see this crime showing up in more and more places," said Pat Carney, who supervised the RBS case at the FBI's headquarters.

With such an increasing need for cyberdefenses, the FBI has ramped up its focus, training some 900 agents in how to handle such crimes. In the RBS case, they quickly mobilized a group of FBI experts on the topic to descend on Atlanta, where RBS is based, and track down the culprits.

While U.S. authorities have been able to crack down on cybercrimes originating in the United states, the FBI has had to increasingly rely on foreign partners to restrict attacks coming from overseas, in places like Egypt, Turkey and Hong Kong. Federal officials praised authorities in Estonia for assisting in the investigation and extradition in the hacker case.

The increasing scope of foreign attacks comes as college students around the world are focusing heavily on technology degrees only to emerge into a difficult job market with low pay, officials said.

  Comments