[A-List] Russia: Chechen hacker alert

["Michael Keaney" <michael.keaney@xxxxxx>]

The timing of this news release might be considered as opportune...


'Cyber mercenary' targets west's major banks
IAN BRUCE
The Herald, 28 October 2002

CHECHEN rebels have recruited an expert computer hacker "cyber mercenary" to
attack the west's 10 major banks, according to the FSB, Russia's state
security service and the successor of the KGB.

The assault on financial institutions takes the form of e-mails offering
commercial services which also contain "Trojan horse" software enabling the
hacker to gain access to accounts.

The technique is known as "back orifice" and first emerged in 1998.

It is activated by someone opening the e-mail on the target computer system.

This then downloads a programme into the bank's computer, allowing the
hacker to tamper with records, alter accounts, destroy key information and
generally create havoc by remote control.

The FSB said the new form of back orifice had been modified to evade
detection by standard download protection systems and to bypass the
firewalls built into sensitive systems to prevent data corruption via
internet viruses.

A UK security source said yesterday: "The Chechens are not renowned for
their sophistication in terror tactics. The suicide bombing threat to
hostages in Moscow in the siege just ended is more their style.

"Our information from Russia's FSB is that they have now recruited a
cyber-mercenary to step up the campaign against the west.

"The whole exercise may be geared towards acquiring funds illegally to
finance arms purchases or to bring their ongoing guerrilla war against
Russia to international prominence. They may also feel that the west has
displayed double standards and ignored their plight while condemning human
rights abuses in other countries."

Western banks seldom reveal details of any successful hacking penetration of
their systems because it could affect public confidence and potentially
damage their market position.