All is relatively well here at Woesnotgone Meadow, where everyone has above average bandwidth.
Universities and colleges have been targeted for years by attackers across the globe. These institutions are known for not necessarily having the most current technology, yet they hold a mass amount of PII, which is readily marketable.
Two Nigerian citizens, Olayinka Olaniyi and Damilola Soloman Ibiwoye, living in Kuala Lumpur, were targeting colleges and universities in the US. The focus was to steal paychecks and tax returns. To compromise the targeted systems, the two attackers were phishing 130-140 universities and colleges a day. The attackers took the time and effort to produce emails which appeared to be legitimate, including the actual logos.
To achieve the end goal, the attackers needed system credentials. The fraudulent emails would direct the user to a website that did not belong to the college or university, but which again appeared to be completely legitimate. Here, the user-provided credentials would be harvested. With this data, the attackers were able to reroute paychecks and access certain financial documents. The attackers, unfortunately, were successful with 20 different schools. At Georgia Tech specifically, the attack was noted quickly. This quick detection was definitely a bonus. Due to the quick work, the FBI was notified and they were on-site the next day. They were able to monitor the attackers’ traffic once present.
To assist with the identification of the person(s) responsible for this unlawful endeavor, Georgia Tech continued to work with the authorities. The IP addresses were traced to Malaysia. The authorities secured search warrants for the “alleged” attackers’ email accounts to provide evidence for legal actions. From this evidence, the two suspects were clearly identified by their respective names.
It is notable that the US does not have an extradition agreement with Malaysia. To work around this, the FBI’s legal attaché contacted the Malaysian royal police. The local Malaysian authorities also confirmed the attackers’ individual identities. Curiously, the two attackers were living in Malaysia on expired visas. The two were arrested. The evidence gathered also indicated the attackers were using the PII to file fake tax returns.
The two were sentenced to federal prison. Ibiwoye pleaded guilty and received 39 months in January 2018. Olaniyi was convicted at a jury trial and received six years.
This case emphasizes two aspects of a breach. The breached party needs to be as fully aware as possible of the breach and its extent. The breached party also needs to take a fully cooperative stance when responding to a breach. Anything short of this merely adds more time to the open window for the attacker(s) to steal and use the data.
Thanks for visiting Woesnotgone Meadow, where the encryption is strong, and the O/Ss are always using the latest version.
Resources
11 Alive. (2019). Nigerian hackers convicted after trying to break into Georgia tech’s payroll system. Retrieved from https://www.11alive.com/article/news/nigerian-hackers-convicted-after-trying-to-break-into-georgia-techs-payrollsystem/
FBI. (2019, February 4). Hackers targeted universities. Retrieved from https://www.fbi.gov/news/stories/cyber-thieves-sentenced-for-hacking-scheme-targetting-universities-020419