[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Class III InfoWar: TST Article
This is the article Winn Schwartau cited to last night:
----------
The Sunday Times (London), June 2, 1996, pp. 1, 24.
City surrenders to L400m gangs [Insight column]
City of London financial institutions have paid huge sums
to international gangs of sophisticated "cyber terrorists"
who have amassed up to L400m worldwide by threatening to
wipe out computer systems.
Banks, broking firms and investment houses in America have
also secretly paid ransom to prevent costly computer
meltdown and a collapse in confidence among their
customers, according to sources in Whitehall and
Washington.
An Insight investigation has established that British and
American agencies are examining more than 40 "attacks" on
financial institutions in London and New York since 1993.
Victims have paid up to L13m a time after the blackmailers
demonstrated their ability to bnng trading to a halt using
advanced "information warfare" techniques learnt from the
military.
According to the American National Security Agency (NSA),
they have penetrated computer systems using "logic bombs"
(coded devices that can be remotely detonated),
electromagnetic pulses and "high emission radio frequency
guns", which blow a devastating electronic "wind" through
a computer system.
They have also left encrypted threats at the highest
security levels, reading: "Now do you believe we can
destroy your computers?"
The authorities have been unable to stem the attacks, which
are thought to onginate from the United States. In most
cases, victim banks have failed to notify the police. "They
have given in to blackmail rather than risk a collapse in
confidence in their security systems," said a security
director at one blue-chip merchant bank in the City.
A senior detective in the City of London police said: "We
are aware of the extortion methods, but the banking
community has ways of dealing with it and rarely reports to
the police."
European and American police forces have set up special
units to tackle the cyber criminals, who, Ministry of
Defence sources believe, have netted between L200m and
L400m globally over the past three years. But law
enforcement agencies complain that senior financiers have
closed ranks and are hindering inquiries.
Experts in the field of information warfare met in Brussels
last month to discuss defensive measures. Representatives
included Captain Patrick Tyrrell, assistant director of
computer information strategy at the Ministry of Defence;
General James McCarthy, professor of national security at
the US Air Force Academy; General Jean Pichot-Duclos,
director of the economic intelligence department of the
French Defence Council, and senior figures from the
civilian computer industries.
A separate closed meeting involving representatives from
Whitehall and the intelligence community was held to
analyse the 40 attacks on British and American financial
centres since 1993. A further secret seminar took place in
Washington this weekend.
Kroll Associates, the international investigating firm,
confirmed last week that it had acted for financial
institutions that have been blackmailed. "One of the
problems we face is that the potential embarrassment from
loss of face is very senous," said a spokesman in New York.
Kroll had evidence that firms in London and New York had
been targeted. "The problem for law enforcement is that the
crime is carried out globally, but law enforcement stops at
the frontier," he said.
Yesterday a Bank of England spokesman acknowleged the
threat from the extortionists: "We are aware of this. It
does exist. It is extortion and fraud." But the spokesman
also insisted: "It is not the biggest issue in the banking
market."
Scotland Yard is now taking part in a Europe-wide
initiative to catch the cyber criminals and has appointed
a senior detective from its computer crime unit to take
part in an operation codenamed Lathe Gambit. Such is the
secrecy that few details about the inquiry have emerged.
In America, the FBI has set up three separate units to
investigate computer extortion.
The NSA believes there are four cyber gangs and has
evidence that at least one is based in Russia. The agency
is now examining four examples of blackmail said to have
occurred in London:
+ January 6, 1993: Trading halted at a broking house after
blackmail threat and computer crash. Ransom of L10m paid to
account in Zurich.
+ January 14, 1993: a blue-chip bank paid L12.5m after
blackmail threats.
+ January 29, 1993: a broking house paid L10m in ransom
after similar threats.
+ March 17, 1995: a defence firm paid L10m in ransom.
In all four incidents, the gangs made threats to senior
directors and demonstrated that they had the capacity to
crash a computer system. Each victim conceded to the
blackmailers' demands within hours and tranferred the money
to offshore bank accounts, from which it was removed by the
gangs within minutes.
The techniques have varied. In London, criminals posing as
marketing firms have gained detailed knowledge of a
target's system by interviewing the heads of information
technology departments. In some cases, they have even
issued questionnaires to unsuspecting officials. Armed with
this information, they have been able to breach security
and leave encrypted messages warning of their capability.
The gangs are believed to have gained expertise in
information warfare techniques from the American military,
which is developing "weapons" that can disable or destroy
computer hardware. Some are also known to have infiltrated
banks simply by placing saboteurs on their payroll as
temporary staff.
Little is yet known about the identities of the gangs but,
according to the NSA, America is the main source of the
attacks. It believes that at least one other group
originates from Russia and has followed the movement of
money to the former Soviet states.
A spokesman for the Metropoiitan poiice said: "There is
potential for extortion from those purporting to know how
to damage computer systems.
"The computer crime unit liaises where necessary with its
Euro counterparts to discuss cross-frontier crimes."
One merchant bank director said yesterday: "You will never
get a financial institution to admit it has an extortion
policy, let alone that it has paid money to blackmailers."
-----
Additional reporting: Peter Warren
[End]