Operation Trident Breach, announced late last year by the Federal Bureau of Investigation (FBI), was one of the largest cybercrime take-downs to date. It culminated in arrests of about 40 individuals in the United States, United Kingdom, and elsewhere, all of whom were suspected of involvement in a major criminal ring that had stolen more than $70 million from bank customers’ accounts.
A panel of FBI agents and other law enforcement experts who spoke at the recent FOSE conference in Washington, D.C., discussed some of the operation’s key lessons as well as the current state of law enforcement’s anti-cybercrime efforts. Reasons for Trident’s success range from continuing improvement in international law enforcement cooperation to the use of social networking sites to track down suspects, the panelists said.
Information gleaned from networking sites, particularly Facebook, helped locate 17 suspected money mules—or people who use bank accounts to transfer funds. Facebook helped the investigators gain information about the suspects’ relationships and locations.
Sites like Facebook can provide “a face and a picture,” for example, to help flesh out information on suspects, said Michael Eubanks, an FBI agent who worked on the case. In some cases, law enforcement was able to gain personal details, such as nicknames, that could then be further researched through Google or other search engines, he said.
Social networking sites can be particularly valuable in locating suspects when the sites are combined, as they were in this case, with open source tools that can scan and automatically collect information, instead of requiring a human to sift through the data, said panelists. There are many valuable tools available that can accomplish this, said Eubanks.
(Continued in "Lessons Learned from Trident Breach," from the November 2011 issue of Security Management.)