Trial Set in Massive Swedish Cyber-Fraud Case
A criminal hacker group faces eight years in jail for one of the biggest IT-based frauds in Swedish history, if convicted in a trial set this week. The group scammed millions from Swedish companies and authorities by hijacking computers and mounting social engineering attacks.
According to cybersecurity firm Nixu, the campaign had multiple stages. First, the attackers gained access to organizations’ user IDs and passwords, and from there set about educating themselves on how these companies communicate by gathering information with malware and remote administration tools. From there, social engineering was employed to trick users into clicking on links and/or malicious files which enabled the attackers to gain full access and lateral movement within the victim’s networks.
With that access gained, attackers were able to redirect significant amounts of products such as IT equipment to alternative addresses. The scam pivoted over time to also include actual changes in financial systems to redirect payments to alternative accounts, hence leapfrogging the logistics side, transferring cash directly to specified accounts.
What makes the fraud unique is the severity and extent of the attack; a group of eight criminal hackers from Sweden and Poland has stolen 40 million Swedish kronor from 60 companies, authorities and municipalities; among the victims are several Swedish financial institutions and a political party. The preliminary investigation has been limited to SEK 40 million due to the maximum sentence value, but the scam most likely vastly exceeds that sum, according to Nixu.
Jesper Svegby, CEO of Bitsec, part of Nixu, noted that the fraud wasn’t very sophisticated technically, but that it was advanced in terms of the large scale and strategy. Even so, the attacks could have been successfully prevented and stopped.
“This is a new trend that we have been able to follow closely when supporting some of the companies exposed to this fraud,” said Svegby. “As society becomes increasingly digital, ensuring effective protection against this type of crime requires new approaches and structures from various parties in society. Organizations need to lift their information security to management and board level. In addition, society must realize its vulnerability and require more interaction within and between police, prosecutors and companies and organizations facing cyber-threats.”
The criminal trial is set to begin on September 26, and is scheduled to run for approximately 55 days. The prosecutor is aiming for the maximum sentence of eight year’s imprisonment. The preliminary investigation was wide-ranging, involving 13 prosecutors and producing investigatory material exceeding 20,000 pages.
Source: Information Security Magazine