Posts Tagged ‘UK’
Wednesday, October 23, 2013 @ 03:10 PM gHale
A 25-year-old UK man got three years and eight months in prison for stealing account credentials which he then used to purchase goods worth $112,000 from online stores.
Sentencing Andrew Morgan and three others at Grimsby Crown Court in the UK, Judge David Tremberg said the offenses caused “enormous inconvenience and vexation” to customers.
Tremberg told Morgan he was not at the level of sophistication of professional fraudsters to devise his own hacking tool kit, but the judge described him as an “enthusiastic follower” of a forum on how to commit fraud, according to a report in the Grimsby Telegraph.
Tremberg said Morgan had played the “senior operational role” organizing multiple attacks.
He also imposed a Serious Crime Prevention Order which means Morgan cannot change his name for Internet purposes and he must keep a verifiable history of all Internet use for five years.
Accomplices included Ashton Leach, 21, of Immingham, who admitted conspiracy to commit fraud and two drug offenses, including the supply of cannabis and methadrone in November 2011.
He received eight months in prison suspended for 18 months and 80 hours of unpaid work for the fraud offenses and a further eight months suspended for 18 months and 80 hours unpaid work for the drugs offenses.
Amanda Gollings, 32, of Immingham, admitted conspiracy to commit fraud between August and September last year.
She said she had signed for goods three times but pleaded guilty on the basis that she only dishonestly signed for two of them. She received a 12-month community order and 60 hours of unpaid work.
Her cousin Sarah Louise McIntyre, 22, of Immingham, admitted using criminal property, a Nintendo DS for her son, but said she was not part of the conspiracy of her former partner, Morgan.
Prosecuting, Craig Lowe said Proceeds of Crime proceedings will end up taken against Morgan. He said Leach had received goods in 50 transactions in one month.
Lowe said Morgan hacked into confidential information held electronically by various companies, which he had learned how to do by going on websites that provide a tool kit to obtain email address and passwords.
Firms like Amazon set up accounts that store details on secure servers and end up used each time a customer makes a purchase, using a “one click” system so the customer doesn’t have to give details each time they order.
One of the stipulations of opening an Amazon account is that the billing or home address should be the same as the delivery address, to try to reduce fraud, the court heard.
On one hackers’ forum, Morgan said he had been doing fraud for two years and had “blasted it for four months with Paypal, Amazon and shops.”
Monday, October 21, 2013 @ 05:10 PM gHale
As the United Kingdom attempts to secure its future energy needs and cut greenhouse gas emissions, Britain inked a pact with a French energy company and Chinese investors to build the country’s first nuclear power plant in 18 years.
The government struck a deal with Electricite de France and a group of Chinese investors Monday to build the country’s first nuclear power plant since 1995
“If people at home want to be able to keep watching the television, be able to turn the kettle on, and benefit from electricity, we have got to make these investments,” Energy Secretary Ed Davey told the BBC. “It is essential to keep the lights on and to power British business.”
The deal for the new reactor at Hinkley Point in southwest England, which will generate power in 2023, underlines the desperation politicians across Europe face in meeting energy needs amid dwindling fossil fuel resources and rising costs.
Germany decided two years ago to shut down all of its nuclear power plants by 2022, following years of anti-nuclear protests and the meltdown at Fukushima, Japan in 2011 after an earthquake and tsunami devastated the facility. But the effort needed to ramp up renewable energy sources to replace domestic nuclear reactors is costly because the country must build many new wind, solar, water and biomass plants and Germany must overhaul its energy grid to balance the fluctuating supply such power sources provide.
One of the last barriers to the British deal ended up removed during a visit to Asia last week by Treasury chief George Osborne, who said Chinese firms could invest in civilian nuclear projects.
China General Nuclear Corp. and China National Nuclear Corp will provide 30 percent to 40 percent of the financing under the agreement in principle, EDF said. EDF, majority-owned by the French government, will provide 45 percent to 50 percent.
The deal also helps China, which relies on foreign technology for its generating stations and is trying to develop its own reactors.
Friday, September 27, 2013 @ 05:09 PM gHale
The crack down on cyber bad guys is ongoing throughout the world and law enforcement agencies are finding some success in a very difficult environment to find and capture criminals.
A small snapshot of a triumph for the white hats shows that UK law enforcement anti-hacker efforts stopped the theft of over $1.6 billion (£1billion) in just over two years, according to the Met’s Police Central e-crime Unit (PCeU).
As well as the money, the report also said PCeU operations have led to 126 suspects arrested and 89 people convicted, with 30 more awaiting trial, according to the PCeU Harm and reduction report 2013.
The operations also disrupted 26 national and international cyber-based organized crime groups and secured 184 years imprisonment for the 61 criminals.
At first the police said they would cut the cost of cyber crime by $813 million (£504 million) within four years in 2011. The report highlighted the Allandale and Caldelana operations as key victories that helped it double its projected goal.
Operation Allandale was a sting against a gang conspiring to defraud banks worldwide using a sophisticated phishing scam. The operation resulted in the arrest of three men and prevented $119 million (£74 million) worth of financial damage.
Operation Caldelana saw police target an organized crime group responsible for a sophisticated phishing scam responsible for stealing money from victims’ bank accounts. The operation prevented $63 million (£39 million) worth of damage.
“The PCeU has exceeded all expectations in respect of making the UK’s cyber space more secure,” said Commander Steve Rodhouse, head of gangs and organized crime at the Met. “This is due to its innovative partnership work with industry and law enforcement across the globe and its dynamic system for developing intelligence, enforcing the law and quickly putting protection measures in place,” he said.
Monday, September 16, 2013 @ 05:09 PM gHale
Over half of companies are more worried about their own employees turning rogue than about external cyber-threats, a survey said.
While cyber security is a global issue, this survey, conducted by IT Governance, wanted to show how company directors and board members currently perceive IT security issues. Most of the respondents in this survey are from the UK, are IT professionals, and work for tech and financial firms, telecoms, and the government/local authorities. It does give a regional snapshot on some security issues.
A quarter of the 260 respondents said their organization received a concerted cyber attack in the past 12 months. However, the true total may be higher, as over 20 percent are unsure if their organization has been subject to an attack.
Despite that, over 40 percent of respondents said their company is either making the wrong level of investment in information security or are unsure if their investment is appropriate.
And it doesn’t help that reports on the status of the organization’s IT security often gets delivered once a year or in even bigger intervals — or in 30 percent of the cases board-level job candidates are aware and understand current IT security threats.
The good news is customers are beginning to take the company’s security credentials into consideration when choosing their suppliers. Seventy-four percent of respondents said their customers prefer dealing with suppliers with such credentials, while 50 percent said customers asked their company about its information security measures in the past 12 months.
Despite all this, compliance with the ISO/IEC 27001 security standard is not high (around 35 percent) with the companies whose employees/managers have been polled.
Thursday, August 22, 2013 @ 04:08 PM gHale
Yes, the cyber threat from criminals and nation states is very real, but when push comes to shove, over 50 percent of businesses consider their own employees the greatest security threat, according to a new survey.
Fifty-four percent of respondents believe insiders are the biggest threat, compared to 27 percent who fear criminals the most, 12 percent state-sponsored cyber attacks and 8 percent competitors, according to the survey conducted by IT Governance.
On top of that, 25 percent of respondents said their business had received a “concerted cyber-attack” in the past 12 months.
That number could actually be higher, as 21 percent of respondents said they do not know whether or not they suffered such an attack, said officials at IT Governance, a UK-based security provider.
The UK government, among many others, has made a concerted effort to make IT security a board-level issue. IT Governance’s survey suggests there is some board level recognition of IT security, but that there is room for improvement.
The majority of respondents (58 percent) said their organization gives the board of directors “regular” report on the state of its IT security. That is an encouraging figure, but for 35 percent of those companies that provide reports, they are filed “less than annually.”
Only 30 percent of respondents said an understanding of IT security is a pre-requisite for a position on the board.
Other findings from IT Governance’s survey include the fact 50 percent of respondents said customers had inquired about their IT security measures in the past 12 months, and 26 percent have lost sleep because of worries about IT security.
IT Governance surveyed 260 respondents, mostly business and IT executives from businesses in the UK and U.S.
Click here to download the survey.
Thursday, June 20, 2013 @ 12:06 PM gHale
Three men who ran a phishing scam that made off with millions now face a total of 21 years in prison after their sentencing hearing.
The men, Inout Caraman and Adrian Iorgovean from Romania and Nigerian Sunday Godday Etu, had servers containing details of 30,000 bank customers – 12,500 of which were in the UK. They also had 70 million customer email addresses used in phishing scams.
Met Police Central e-Crime Unit (PCeU), the Serious Organized Crime Agency (Soca), and the U.S. Secret Service conducted the investigation.
Their activities first came to light when intelligence sent to the PCeU found 2,600 phishing pages that mimicked the web pages of banking websites had been set up to gather data from users based in the UK, US, China and Russia.
The men ended up traced to the UK, staying in a luxury hotel in London. Investigators from Soca and the PCeU arrested them and they received sentences two days later.
The PCeU then worked with counterparts from the U.S. and France to secure the servers, which were in the individual countries. Based on the amount of data stored on the servers, the Financial Fraud Bureau said $91.3 million (£59 million) worth of fraud targeting 12,500 UK victims ended up prevented, and the figure would have been higher if they accounted for the international victims.
At sentencing, the Caraman and Iorgovean received sentences of seven years and two months, and five years and seven months respectively for pleading guilty, while Etu received eight years after pleading not guilty.
Investigating officer DI Jason Tunn, of the MPS PCeU, said the convictions were a success against the cyber gang and he said the joint efforts by the United States Secret Service, Municipal Police of Lille, and the Romanian Police Cyber Division assisted in the case.
“These convictions have struck a major and decisive blow against this global cyber crime gang. Quite what they have managed to steal is yet to be determined but their conviction has prevented them from systematically defrauding thousands more bank customers across the world,” he said.
“This is by far the biggest case the PCeU has dealt with to date and is likely to be the biggest cyber phishing case so far in the UK.”