Law enforcement in four countries have managed to work together to take down a number of hackers-for-hire, all accused of operating websites offering to break into email accounts for a fee.
Arrests were made over the last week in the US, China, India and Romania, with customers of hacking services also picked up in the US, making a total of eleven arrests all told.
The target of the coordinated swoop was a cluster of websites offering bespoke hacking services, mainly breaking into email and social networking sites for a variable fee. It’s not clear whether there was any connection between the sites or their operators, other than their shared business model.
In the US, the FBI filed charges against five people, the main targets being two men from Arkansas thought to be behind the needapassword.com site.
The site is thought to have been involved in breaching over 6,000 email accounts. The men could face up to five-years jail time if found guilty.
The other three defendants are accused of being customers of hacking sites. Two paid just over $1,000, while the third, from California, is alleged to have handed over more than $20,000 to a Chinese hacking site.
The Feds did not disclose whether this was the same site operated by Ying “Brent” Liu, who was picked up by Beijing police in connection with another email hacking website, hiretohack.net, linked to around 300 account compromises. Local reports claim Liu “confessed during interrogation”.
Meanwhile in India another man was arrested, described by local law enforcement reports as only “a Pune based private person” but named by the FBI as Amit Tiwari and linked to two websites connected to over 900 email account breaches.
Finally, Romanian police have picked up and charged four people regarding six different websites which may have been behind around 1,600 further account break-ins.
All in all it seems like a pretty successful operation, made all the more impressive by the complexities of international cybercrime law and the difficulties involved in coordinating action between multiple law enforcement agencies, all operating under different legal codes.
Cybercrime and law blogger Gary Warner called the cooperative effort “unprecedented” and a “great sign” of tough times to come for cybercrooks.
As well as providing details and screenshots of many of the sites involved, Warner also speculates that the Romanian haul may include the notorious celebrity-hacker known as Guccifer, already thought to have been picked up last week.
Cybercrime is a global problem and requires global measures to combat it. As we’ve seen several times recently, the cyber cops of the world seem to be doing an ever better job of working together, pooling information and resources and coordinating cases across borders to good effect.
If President Goodluck Jonathan gets his way, the Nigerian proposal may even include the death sentence for cases involving critical infrastructure or loss of life, according to local reports.
It’s important for those drafting and approving these laws to take into account the international nature of cybercrime, and make sure their local laws enable cooperation and collaboration with legal systems and enforcement agencies around the world.
So, it might be best to steer clear of punishments some might consider a little extreme.
On a brighter note, if the trends demonstrated in the hackers-for-hire case continue, we could one day end up with a properly interconnected set of laws covering digital crimes all over the world, and a set of enforcement agencies to back them up, all working in unison.
Won’t that be nice.