Pennsylvania cybersecurity group takes down international criminal network

Published 3 July 2014

Over the past month, a coalition of cybersecurity forces in Pittsburgh, Pennsylvania, made up of regional FBI officers and members of Carnegie Mellon University’s CERT cyberteam, took down the Gameover Zeus cyber theft network, which had employed data ransom and theft schemes. As the Pittsburgh Post-Gazette reports, the criminal group was able to snatch funds of up to seven figures from owners’ bank accounts.

While much of the case remains under wraps, the Pittsburgh cybersecurity coalition successfully identified Evgeniy Bogachev, a Russian ringleader, as the primary force behind Gameover Zeus. Additionally, five “cyber soldiers” of Unit 61398 of the Chinese military were connected and identified.

Bogachev was recently indicted for conspiracy, wire fraud, computer fraud, bank fraud, and money laundering. His targeted victim list included U.S. Steel, Alcoa, Allegheny Technologies, the United Steelworkers International Union, and Westinghouse Electric. His system was able to infect 230,000 known computers.

Kristopher Rush, a deputy director for cybersecurity solutions at CERT, detailed the process by which Bogachev was identified. “We may be asked to do a deep dive on a piece of malicious code or a bad actor. A given piece of computer code may have a family tree of ‘18 variants,’ which CERT can trace to the root.”

CERT has had an FBI training program since 1988 in order to identify threats, and was created in order to have a “neutral setting for law enforcement, academia and private industry.”

Bhavani Thuraisingham, the executive director of the Cyber Security Research Institute at the University of Texas at Dallas — similar to CERT — spoke of the takedown as “a warning signal that the U.S. is now going to go after hackers outside of U.S. border. I won’t say it will stop people, but it will deter people in the future.”

Pittsburgh FBI agent Scott Smith also remarked that the case represented “new ground for not only the FBI, but the entire U.S. government.”