FBI indictments raise hope
May 19, 2008 BUCHAREST, ROMANIA – Thirty-eight individuals with ties to international organized crime have been charged in two separate indictments involving computer and credit card fraud schemes, Deputy Attorney General Mark R. Filip, Romanian Prosecutor General Laura Codruţa K övesi, U.S. Attorney for the Central District of California Thomas P. O’Brien and Acting U.S. Attorney for the District of Connecticut Nora R. Dannehy announced today. The Deputy Attorney General made the announcement with the Romanian Prosecutor General to highlight the extensive and continued cooperation between the two countries in addressing these types of international crimes. The announcement comes less than one month after U.S. Attorney General Michael B. Mukasey announced the Department’s new Law Enforcement Strategy to Combat International Organized Crime.The FBI, following up on an announcement last month, has moved into an aggressive mode in prosecution for computer crimes. This indictment includes 33 individuals on 65 counts in Los Angeles, and 7 individuals in Washington, DC involving phishing scams. It also includes search warrants being issued in Romanian.
The locations of the operations included: the United States, Canada, Pakistan, Portugal and Romania.
The phishing scams were mainly target as messages from Citibank, Capital One, JPMorgan Chase & Co., Comerica Bank, Wells Fargo & Co., eBay and PayPal. All very common subjects for such attacks.
The role of identity here is unequivocal, and much work remains to be done both on existing protocol strata, including email and SIP, as well as emerging identity protocols, such as Liberty Alliance, openID, and Oauth (to name but a few).
As these new protocols mature, and their use broadens, they will form the basis for new attack surfaces for such criminal behaviors. The Liberty Alliance has been focusing some of it's talents directly in this space in the form of the Identity-Theft Special Interest group, and began working on this topic as far back as 2004.
Oddly, this topic, which has some momentum at earlier IIW events, was not touched as a primary topic at the most recent session. As an industry, we need to think about reversing this trend.