6 March 2015
Working with partners in law enforcement, industry and government, the National Crime Agency (NCA) has this week (2-6 March) coordinated an intensive period of UK-wide action against cyber crime.
Fifty-seven people have been arrested in 25 separate operations, which relate to a range of cyber criminality including:-
- Network intrusion and data theft from multinational companies and government agencies,
- Distributed Denial of Service (DDoS) attacks
- Cyber-enabled fraud
- Malicious software and virus development
Operational activity took place across England, Scotland and Wales and saw officers deployed from the NCA’s National Cyber Crime Unit (NCCU), Metropolitan Police and Regional Organised Crime Unit’s (ROCUs) associated with local forces around the UK.
- 21-year-old man arrested on 5 March by the NCA’s NCCU on suspicion of a network intrusion attack committed by ‘D33Ds Company’ hacking group, which stole over 400,000 email addresses and passwords from Yahoo! and published them online in 2012.
- 23-year old man arrested on 4 March by NCCU officers, supported by West Midlands ROCU, on suspicion of offences relating to a network intrusion in June 2014 on the US Department of Defence (DoD). This relates to theft of information from the Enhanced Mobile Satellite Services global communication system used by the DoD to communicate with employees internationally.
- 22-year-old male arrested on 3 March by the NCCU and South West ROCU in Aldbourne, Marlborough on suspicion of developing and distributing malware (malicious software).
- 20-year-old male from Hackney, London arrested on 4 March by Met Police and NCCU on suspicion of committing a £15,000 phishing attack.
- 27-year-old from Leyton arrested on 04 March by Metropolitan Police and NCCU, on suspicion of cyber-enabled fraud.
- 25-year-old man from North London has been arrested by the Metropolitan Police on suspicion of deploying malware against banks resulting in financial losses.
- 16-year-old male, from the Pudsey area of Leeds has been arrested by the Metropolitan Police for suspected Computer Misuse Act offences concerning the use of DDoS attacks believed to target approximately 350 websites.
- Two men, aged 38 and 29 years, arrested in South London and the Cambridge area by the Metropolitan Police for suspected conspiracy and Computer Misuse Act offences relating to the theft of valuable intellectual property from a London financial company.
- 25 suspects in the London and Essex areas were arrested by The Metropolitan Police Fraud and Linked Crime Online (FALCON) unit on suspicion of cyber-enabled fraud offences, including fraud by false representation, theft and money laundering.
- An 18-year-old man arrested by the Eastern ROCU in Watford, suspected of being responsible for the development and administration of the Titanium and Avenger stressor tools which have been used in DDoS attacks on public sector websites, including police.
- A 22-year-old man and a 59-year old woman arrested in Camberwell by the Eastern ROCU, suspected of offences relating to cyber-enabled fraud targeting high street retailer loyalty point schemes.
- A 22-yr-old man arrested in Slough by South East ROCU, suspected of offences relating to cyber-enabled fraud.
- Officers from Thames Valley Police and South East ROCU arrested five men in Kiddlington, Oxford, aged 40, 39, 38, 36 and 34 years for conspiracy to commit computer misuse offences, in relation to a network intrusion attack.
- Officers from Sussex and Surrey Police cyber crime unit together with South East ROCU arrested a 58-yr-old man in Bexhill, Sussex, suspected of network intrusion and DDoS offences
- A 21-year-old man arrested by Police Scotland in County Durham on suspicion of Computer Misuse Act offences relating to a DDoS attack on the Police Scotland website.
- A 51-yr-old man arrested by North East ROCU in Northumbria on suspicion of Computer Misuse Act offences relating to a network intrusion.
- A 33-yr-old man from Barry was arrested by South Wales ROCU, suspected of a DDoS on a rival company for competitive advantage.
- Three suspects arrested in South Wales by NCCU, Gwent and Dyfed Powys police on suspicion of a number of Computer Misuse Act Offences.
- Working with the US FBI, a production order was served by the East Midlands ROCU on a hosting company whose servers are suspected of being used to house suspected criminal infrastructure.
- Several ROCU’s have also issued cease and desist orders visiting individuals who have been identified as purchasing remote access tools (RATs).
The week also involved a pioneering approach in helping small and medium enterprises, hosting companies and ISPs identify threats on their infrastructure.
Ten Regional Organised Crime Units, Police Scotland and Police Service of Northern Ireland visited approximately 60 businesses, with personalised security data reports, identifying 5,531 compromises on servers within the UK. The compromises could be used to send out spam email, launch attacks against websites or servers, or install phishing websites to gain access to sensitive information.
The NCA estimates that organisations acting on this advice could, between them, clean up to half of the phishing attacks that typically originate from the UK each month.
The Association of Chief Police Officers (ACPO) has also worked with four police regions to hold cyber-security pop-up shops in London, Reading, Derby and Manchester this weekend. Anyone can bring along their digital devices for a free health check and to get advice on online banking, virus protection and protecting themselves online. The pop-up shops enable people to get advice from a range of cyber experts from law enforcement bodies, banks, cyber security firms and information services such as Cyber Streetwise and Get Safe Online.
The week is also highlighting the very real risk to businesses and the public that cyber crime poses. The NCA is urging members of the public to stay up to date on online safety at www.cyberstreetwise.com and www.getsafeonline.org. Where they can also find malware clean-up tools. If people feel like that they have been a victim of online crime, they can report it at www.actionfraud.police.uk
Andy Archibald, Deputy Director of the NCA’s National Cyber Crime Unit, said:
“These arrests around the country this week are a result of the essential partnership activity with law enforcement, industry and government that is at the heart of fighting cybercrime.
“Criminals need to realise that committing crime online will not make them anonymous to law enforcement. We are continuously working to track down and apprehend those seeking to utilise computers for criminal ends, and to disrupt the technical networks and infrastructures supporting international cyber crime.
“It’s imperative that we continue to work with partners to pursue and disrupt the major crime groups targeting the UK, but also, crucially, work to make sure that people have the knowledge and resources to make the UK as inhospitable as possible for cyber criminals in the first place.”
National Policing Lead for Cybercrime, Deputy Chief Constable Peter Goodman said:
“Cyber-crime is not victimless. A high-end cyber-attack against financial institutions could have a far-reaching impact on our economy. Small and medium sized businesses can be bankrupted by a cyber-attack with owners and staff losing their jobs. You could be seriously affected by the publication of your personal information.
“We are transforming our response to cyber-crime. We now have an effective national cyber-crime unit and regional units tackling this crime, who have worked together this week to target those who are using the internet to steal, commit fraud or impact on organisations’ ability to do their business.
“Please make it harder for these criminals to get away with it by taking simple steps to stay secure online.”