70 Zeus Arrests: Financial Fraud Is Not The Business Of Individuals

A rash of arrests in the UK happened on Wednesday, culminating in formal charges being laid against 11 Eastern Europeans from all walks of life. In the US, meanwhile, Thursday also saw charges laid against 70 further East Europeans, who allegedly used Zeus to steal at least $3 million from US bank accounts.

The recent arrests in the US and the UK indicate that financial fraud is not the business of individuals. Behind these operations you can find groups of people who, in many cases, operate for larger organized crime groups. They have the money and the means to run large-scale, sustainable criminal online operations. As time goes by we’re seeing more groups that are larger, more efficient, and more knowledgeable than before, and as a result much more successful. Zeus is being used around the world to attack individual customers, and big businesses are also being targeted, particularly in the US.

And it’s against this backdrop that Boodaei predicts that other cybercrime gangs are almost certainly operating in other countries around the world, perhaps in continental Europe, Canada and across the Asia-Pacific region, running parallel criminal operations to the Zeus gangs in the UK and the US.

However, recent successful arrests in the US and the UK show that law enforcement agencies, with the help of the banks, their customers, and the industry, are capable of tracking these people down and putting them behind bars. More efforts are needed for this promising start to become truly successful. Financial fraud can be stopped from spreading if financial organizations and customers continue to improve security and work with law enforcement to go after cyber criminals.

The arrests show that some of the criminal groups behind Zeus are doing a poor job of covering their tracks. This provides an excellent opportunity for the police, the banks, and their customers to join together and get more criminals behind bars. The police and law enforcement agencies did a great job in tracking down this group and gathering information that can facilitate their arrest.

This is not a simple task and I’ve heard many people saying that this is almost impossible due to the level of sophistication from criminals and the complication of the justice system. However, this case and a few others that precede it show that this can be achieved.

The criminals’ servers were actually penetrated and a lot of evidence gathered from them. This shows that criminals are vulnerable. By running more operations like this and by the banks and other organizations investing effort in tracing fraudsters and not just blocking their activities, there is a good chance we can lower the volumes of attacks. Customers can take their banks’ advice and implement fraud prevention tools that provide valuable capabilities to banks in detecting and blocking these threats. By working together we can definitely stop this threat from growing.


Prior to founding Trusteer, Mickey Boodaei co-founded and held the position of VP of EMEA sales for Imperva. Mickey grew sales from zero to 40% of company revenues in less than 18 months. Prior to that, Mickey was Imperva’s Vice President of Product Management and Technical Services. In this role, Mickey was responsible for defining and creating several category defining products in the fields of application and database security. Prior to Imperva, Mickey was founder and Chief Executive Officer of Edvice - an application and database security consulting group. Edvice provided advanced security services to major financial institutions including penetration testing, security architecture design and implementation of security features for Web-based applications. Mickey also served for six years as a security research engineer in the Israel Defense Forces. There, he worked on security design, penetration testing, and basic research in the fields of application and database security. He holds a B.Sc. degree from the Technion, Israel Institute of Technology, and an MBA from Ben-Gurion University.