A bad week for UK cybercriminals

56 suspected hackers have been arrested by the UK’s National Crime Agency (NCA) as part of what British police are calling “strike week” against cybercriminals.

In 26 separate operations across the country, people were arrested in connection with a variety of offences related to distributed denial-of-service (DDoS) attacks, internet fraud, phishing attacks, the theft of intellectual property, and malware.

Those arrested include a 22-year-old man, suspected of involvement in a hack by “D3DDs Company” that saw over 400,000 email addresses and passwords stolen from Yahoo in 2012.

Separately, a 23-year-old man from Sutton Coldfield suspected of hacking into the US Department of Defence last June, and stealing data from the Enhanced Mobile Satellite Services global communications system. In that attack, the contact information of approximately 800 people – including name, title, email addresses and phone numbers – was stolen, as well as details of around 34,400 devices.

Following that attack, a message was posted on PasteBin with what appeared to be a message for the notorious LizardSquad hacking gang:

“We smite the Lizards, LizardSquad your time is near. We’re in your bases, we control your satellites. The missiles shall rein upon thy who claim alliance, watch your heads, ** T-47:59:59 until lift off. We’re one, we’re many, we lurk in the dark,we’re everywhere and anywhere. Live Free Die Hard! DoD, DISA EMSS : Enhanced Mobile Satellite Services is not all, Department of Defense has no Defenses.”

The following video shows the arrest, on 3 March 2015, of a 22-year-old man suspected of developing and distributing malware.

The suspected malware developer is arrested by members of the NCA at his home in Aldbourne, Marlborough, in the early hours of the morning. During the video you can see law-enforcement agency officers search the premises for evidence, look inside what appears to be a safe (from where CD ROMs are removed), before they seize computing equipment for forensic analysis and take the suspect into custody.

https://www.youtube.com/watch?v=XH-uEriFIHA

You probably won’t be surprised to see the suspect is wearing a hoody as the police take him away.

In other police swoops, a 33-year-old man from Barry was arrested by South Wales police, suspected of launching a denial-of-service attack against a rival company.

But perhaps the biggest operation of the week involved the 25 suspects apprehended in London and Essex by the Metropolitan Police Fraud and Linked Crime Online (FALCON) unit, after allegedly using the net to steal and launder money and carry out fraud.

Andy Archibald, deputy director of the NCA`s National Cyber Crime Unit, warned those breaking the law on the internet that they could not assume they would remain anonymous to the authorities:

“Criminals need to realise that committing crime online will not make them anonymous to law enforcement. We are continuously working to track down and apprehend those seeking to utilise computers for criminal ends, and to disrupt the technical networks and infrastructures supporting international cyber crime.”

The National Crime Agency sent a stark warning via Twitter to others who might be involved in internet criminality:

This is just the start. Wherever #CyberCriminals hide we will work with industry and international law enforcement to bring them to justice

We shouldn’t be duped into believing that a large wave of arrests such as this can make the internet a safe place. But it will, hopefully, make some online criminals think twice about what they are doing, and understand that the repercussions if caught could be serious.

More details of the arrests can be found on the NCA’s website.