Software Helps FBI Crack International Cybercrime Case

University of Alabama at Birmingham researchers helped the Federal Bureau of Investigation and NASA Office of Inspector General identify seven foreign nationals arrested for a massive, sophisticated Internet fraud that infected more than 400 million computers in 100-plus countries and scammed $14 million.

The defendants in the FBI Operation Ghost Click were tracked down with assistance from the UAB Spam Data Mine, which archives and analyzes spam campaigns gathering more than 1 million emails per day. The database, which holds about 550 million spam email messages, is the reason law enforcement asked UAB for assistance.

"The information we received from UAB’s software was invaluable to our efforts in the apprehension of these international suspects,” said FBI Supervisory Special Agent Thomas Grasso Jr.

At least 500,000 computers infected in the United States belonged to government agencies -- including NASA, educational institutions, non-profit organizations, businesses and individuals. (UAB’s computers were not infected.) The malware secretly enabled the defendants to hijack Internet searches and reroute computers to certain websites and advertisements and prevented infected computers from installing anti-virus software.

“The UAB Spam Data Mine allowed us to tell the FBI when new email-based threats contained versions of particular comput

er viruses that were related to the malware family associated with this case,” says Gary Warner, director of Research in Computer Forensics in the UAB College of Arts and Sciences. “Our team can help law enforcement quickly track down and successfully prosecute cybercriminals anywhere in the world because we can identify related spam almost instantaneously.”

Warner, five times selected as a Microsoft Most Valuable Professional and author of the Cyber Crime & Doing Time blog, is a member of UAB’s Center for Information Assurance and Joint Research Foundation. The center, known for interdisciplinary research and development, offers law-enforcement solutions in many areas, including spam data-mining, phishing, computer security, computer intrusion and identity theft.

“We created the center to respond to rapidly emerging and enduring threats to global, domestic and regional commerce and safety,” says its founding director Anthony Skjellum, Ph.D., chair of UAB Computer and Information Sciences. “Our team has taken the lead in helping law enforcement eradicate cybercrime by making it near impossible for online criminals to hide.”

Featured

  • Maximizing Your Security Budget This Year

    The Importance of Proactive Security Measures: 4 Stories of Regret

    We all want to believe that crime won’t happen to us. So, some business owners hope for the best and put proactive security measures on the back burner, because other things like growth, attracting new customers, and meeting deadlines all seem more pressing. Read Now

  • Global IT Outage Cause by Faulty Update from Cybersecurity Provider CrowdStrike

    Systems are starting to come back online after a global IT outage on Friday disrupted everything from airline operations to banks and 911 call centers. Read Now

  • Securing the Flow of Operations

    The transportation industry is a complex and dynamic environment where efficient management of physical keys, vehicles and shared devices is critical to ensuring smooth operations, reducing costs and maintaining security. Every day, more transportation facilities are using modern electronic key and asset management systems to better secure, audit and manage the important assets that keep operations running smoothly. Read Now

  • The Recipe for Stadium Security

    The threat landscape of stadium security is fluid. Today’s venues and stadiums have operational security 24/7, hosting sporting events, community events, concerts, conventions and more – each with a unique visitor base and each with unique security risks. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3