Inside Microsoft's Zeus Malware Raid
New Anti-Fraud Efforts 'Will Keep Cybercriminals Off Balance'"This is a sustainable model that will keep cybercriminals off balance," says Garcia, former assistant secretary for cybersecurity and communications at the U.S. Department of Homeland Security, and who is now an independent security consultant serving as a spokesperson for the Financial Services - Information Sharing and Analysis Center. With so many different public and private agencies and organizations working together, Garcia says steps to thwart known cyberattacks will dramatically improve.
Known as Operation B71, this collaborative effort between Microsoft and the financial-services sector targets cybercriminals who over the last five years have defrauded nearly $500 million from banking institutions, businesses and consumers. "Like sheepherders, these are cybercriminals who have infected computers remotely, and they have used keyloggers to steal money," Garcia says. "Now B71 is going after them."
FS-ISAC, NACHA - The Electronic Payments Association and security vendors Kyrus Tech Inc. and F-Secure, along with Microsoft's Digital Crimes Unit, are behind Operation B71.
On March 25, Microsoft announced that a District Court in eastern New York had given it control and seizure authority over servers and systems linked to cybercrimes and botnets. The court's ruling was passed down March 23, as part of the court's decision in a civil suit filed by Microsoft against known cybercrime groups. [See Microsoft Leads Zeus Takedown.]
The case is unique for a few reasons. First, research and collaboration of the parties involved is rare. Second, Operation B71 sets investigative and legal precedents that pave the way for future cybersecurity enhancements.
In the civil case filed by Microsoft and the co-plaintiffs, the suspects behind the botnets have been charged with violating the 1970s Racketeer Influenced and Corrupt Organizations Act and the 1940s Lanham [Trademark] Act . By asking the court to view botnets as organized crime and phishing attacks as copyright infringement, Operation B71 has identified new ways to arrest, charge and potentially sentence those who wage cyberfraud.
"Cybercriminals now have to be aware that they are being watched and they are being chased," Garcia says.
Cybercrime will never go away. "But what we have now is a tool or a technique that will keep cybercriminals guessing," Garcia says. "It will be more dangerous for them to keep doing what they are doing. We are sending notice now that they will not be able to do this with impunity."
During this interview, Garcia discusses:
- How Operation B71 works with law enforcement and other to track and identify cybercriminals;
- Why this new initiative is sustainable and capable of successfully reducing online crimes and financial fraud;
- How Microsoft's involvement has played a key role.
Garcia served as the nation's first Assistant Secretary for Cyber Security and Communications at the U.S. Department of Homeland Security from 2006-2008 founding his own business, Garcia Strategies LLC, which focused on security business development and strategic communications. In May 2010, Garcia joined Bank of America as its partnership executive for Cybersecurity and Identity Management, a position he held until December 2011. Garcia has led a variety of technology and public policy positions, including as vice president of Information Security Policy and Programs with the Information Technology Association of America, as a professional staff member for the U.S. House of Representatives Committee on Science, and as director of Global Government Relations at 3Com Corp. He also has occupied numerous advisory board positions with high tech startups and is now a member of the Information Security and Privacy Advisory Board, a federal advisory committee, and is on the Board of Trustees of the Studio Theatre in Washington, DC.