Cybercriminals Target Local GovernmentsMarch 16, 2010 - 11:27 AM | by: Eric Shawn
A new trend has local governments on guard: global computer hackers stealing their money.
It is happening across the country, local municipalities, town and village governments, school districts and counties becoming victims of cybercrime.
The Duanesburg School District in upstate New York was hit, and lost $3 million; the town of Sandwich, Massachusetts, $34,000; Sherwood, Arkansas, about $200,000; and a reported $415,000 from Bullitt County, Kentucky.
“You think you are going to be dealing with teachers and providing the best program for students,” says Duanesburg School District Superintendent Chris Crowley, “and suddenly you are told you lost 3 million dollars to computer hackers… you can’t even fathom what it feels like.”
She says the money was siphoned off to accounts in Hong Kong, the Ukraine and Cyprus.
“In these countries there are brazen and competent criminals who are looking to attack U.S. institutions and do exactly what appears to be happening here, which is wiring money out of these bank accounts,” says Edward Stroz, a former F.B.I. agent who helped start the first cybercrimes unit in the New York F.B.I. office. He now is co-president of a high-end computer forensics company, Stroz Friedberg, which investigates cybercrime, computer forensics and data breaches.
“Here you are dealing with somebody who has targeted it, thought about it, knows how to use computer communications,” says Stroz. “It is a much more thoughtful and savvy criminal” than previous bank robbers.
“The bank robbers don’t carry guns anymore, they carry computers,” the regional President of Duanesberg’s bank, NBT, Jeffrey Levy, told Fox News.
The bank says it was not compromised and that it takes every effort internally to protect its customers’ accounts.
“It certainly is evolving,” said NBT’s Bank Secrecy Act officer James Terry, who notes that “the human factor is very, very important.”
The American Bankers Association and others experts urge customers to monitor their accounts and take extra security precautions.
Stroz says municipalities should have multiple passwords, and people should be careful about opening e-mail that seems unfamiliar. Once the link is established, cybercriminals can then implant malicious software, known as malware, in a town’s system and once they are inside they can be free to commit their crimes. And even though the money may end in foreign accounts, he notes, does not mean the cybercriminals are foreign. They could be Americans who use the offshore accounts to try and hide their ill-gotten booty.
Luckily, in the Duanesberg case almost all of the stolen money was recovered but it is not clear if anyone has been arrested.
“When you are done with the shock, you are angry,” says Ms. Crowley, noting cybercrime can now happen to anyone. “They would have no idea and they would go to their account and find they are missing millions of dollars or thousands of dollars. It is very frustrating.”