Albert Gonzalez Credit Card Theft - Research Paper Example

Contents Contents Introduction 2 Albert Gonzalez Credit Card Theft Case 4 Method of fraud 4 Facts and Figures 5 Case Outcome 6 Max Ray Butler’s Credit Card Theft Case 6 Facts and figures 7 Case investigation and outcome 8 Conclusions 8 References 9 US Code - Section 1029: Fraud and related activity in connection with access devices 9 Introduction Cyber crimes are those crimes which involve the computers and computer networks; in cyber crimes computer technology plays an instrumental part in the commission of that crime. Today we are witnessing a very diverse array of cyber crimes like pornography, identity theft, hacking of government computers for misuse, copy right infringement, phishing scams, harassment and credit card frauds etc. The expansion of the communication networks to mobiles and laptops have made it easier to engage in these fraudulent activities. Not long ago internet was distributed through a fixed IP network. This IP operated similar to a house address and represented a specific group or a company. Therefore there was an automatic controls system on the internet IP could be traced. This stopped people from trying to use internet as a means of stealing money or another fraud activity because they knew that it could be traced back to them. In the last decade however the growth of internet has been phenomenal. From a mere few million users of the nineties it has grown in to billions. This growth has made it impossible to maintain the old system. Moreover the wireless internet system has made it even more difficult to track internet criminals. This is because airports, bus terminals and even Starbucks coffee shops all have wireless internet facilities. These facilities operate on temporary IPs. This therefore means that each time you connect to the internet a new IP address is assigned to your computer. Thus it becomes almost impossible to track and convict criminals on internet fraud. The conviction becomes even more difficult as it is not easy to prove anything in the court of law. One of the most popular cyber crimes is the Credit Card frauds. This type of fraud has increased over the years with the increase in usage of credit cards. The availability of all types of services through credit cards ensures that they become an attractive option for fraud, especially when it comes to online purchases. There are millions of business in US and Europe which only accept payments through credit cards. This is no longer restricted to online services as it did in the nineties. Businesses like Netflix have ensured that customers rely completely on credits cards for all types of consumer items. Credit card fraud is the term used for describing the fraud or theft of money committed by using the credit cards in illegal payments and money transactions to obtain illegal goods and services or to illegally transfer funds from others accounts. They are among the most popular cyber crimes, millions of dollars worth goods, services and illegal money transactions are made annually by credit card frauds. The credit card frauds usually begin with the theft of the actual card or the details of the card like card number, pin code and password etc. The stolen credit cards can be used by the holder unless they are being cancelled by the actual owner. The criminals involved however are aware of the time it takes for a consumer to realize that their card has been stolen therefore they usually try to gain maximum usage as soon as possible. Transactions are also made online where only the details of the card are required and not the physical card and this is the most favorite hunting ground of many fraudulent because they just need the card details to make the illegal transactions. Credit cards Frauds come under the category of identity theft crimes. Credit Card frauds violate the law of fraud and related activity in connection with access devices. Albert Gonzalez Credit Card Theft Case Albert Gonzalez is the Cuban immigrant to USA who also worked as an informant to USA secret service agency. There his role gave him training and information about the different methods to surpass the system. He was involved in combined credit card theft and then reselling approximately 170 million credit card and ATM numbers, which is the biggest credit card theft scandal until now. Gonzalez and his gang have masterminded the hack of TJX Companies, Heartland Payment systems, Hannaford brother’s computer systems, 7-eleven etc. This is one of the most famous fraud cases in the history of USA. It created global panic and awareness about the severity of the cyber crime world. This incident paved way for serious legislation to eliminate the threat of credit card fraud forever. Complete control has however still not be achieved in this department. Method of fraud Most of their hacking was done in cars or when the criminals were physically near a location, breaching networks wirelessly to steal information, this technique is called wardriving. As mentioned above the aim of this technique was to be like a ghost. The system was hacked each time with a new IP because they were always connecting through new locations. They covered their attacks over the internet using many messaging screen names. They stored the data which is related to their cyber attack on multiple hacking platforms and disabling the programs that logged the inbound and outbound traffic over the hacking platforms, and disguising by using the internet protocol addresses from which their attacks are originated, they use the structured query language injection techniques to create malware backdoors on many corporate systems so that they can install packet sniffer programs into these corporate systems, which would relay sensitive credit card information back to them. They were able to evade antivirus software that was running on the environment by testing it and programming the malware to erase itself suggests a degree of sophistication. This was a never heard before technique and initially there was no counter to stop this infiltration the government or the companies. After stealing the credit card and debit card data Gonzalez and his gang seek to sell the data to other people who would use this data to make fraudulent purchases, to make unauthorized cash withdrawals from banks. Therefore they acted as middle to the whole process. This gave them further security against been tracked or convicted because they were not making purchases themselves. Facts and Figures Approximately 170 million credit card, debit card and ATM card numbers have been stolen by Gonzalez and his gang. They stole 46.5 million credit card numbers from TJX Companies, 130 million from Heartland Payment Systems and nearly 5 million form Hannaford brother systems. Although it is hard to estimate the exact number of damage caused by this fraud but it is estimated that the damage cost is in millions of dollars. This fraud has caused a severe effect on the companies involved; Heartland reported that the breach has cost them 130 million dollar damage. TJX said that the hacking has cost it at least $171.5 million that has already been paid out or will be in the future. This was therefore considered not only as a credit card fraud but a threat to the entire online network that connect millions of financial institutions all around the globe. Case Outcome Federal board of investigation was finally able to arrest the culprit after he made some mistakes. The major mistake made which led to their demise was that they were making frequent stops to a specific Restaurant because they had to restart the hacked point of sale systems any time this restaurant shut down their systems. Prior red flags in Alberts history, his constant visits of one restaurant and suspicious activity, finally lead to his arrest by authorities. Gonzalez was arrested and charged with the conspiracy to gain unauthorized access to computers, to commit fraud in connection with computers and financial computer networks and to damage computers and conspiracy to commit wire fraud. Gonzalez’s attorney filed papers with the United states District court indicating that he would plead guilty to all the charges against him in USA, he pleaded guilty to 19 charges related to computer hacking and credit card fraud. Albert Gonzalez was sentenced 20 years stint in prison and in addition he was also fined 25000 dollars. He also forfeits more than $1.65 million, and his property as a result of plea bargain. Max Ray Butler’s Credit Card Theft Case This case is similar in nature to the case discussed previously due to the fact that both criminals were involved in security before they finally changed into criminals. Max Butler is a former security researcher turned criminal hacker he was also known by the name of Iceman he is involved in a massive credit card theft fraud crime which involves nearly 1.8 million credit card numbers and 86 million dollar in alleged fraudulent purchases. Butler hacked multiple computer networks of card processing firms and financial organizations. He breached their defenses by tricking their SQL servers into running his own commands or slipping in with a hacked password. Once he got inside these networks he sucked out their data including the passwords, login id’s and email addresses of their customers. After steeling this data he sold it to other criminal groups who then use it in purchasing goods and services. For this purpose he has created his own website called cardersmarket.com which is used as meeting place between the criminal people who bought and sold credit cards there are nearly 6000 users on this site, which is by far the biggest carder site on the internet at that time. He used standard features to conduct his fraud network. The vendors would be the first in the chain and would submit their products to an approved receiver who ran test transactions. The fake identities were tested before usage for fuzzy logos, missing microprint, and signature panels that couldnt take ballpoint. The complete network even rated buyers on the quality and number transactions made. Facts and figures The search of Butler’s computer revealed more than 1.8 million credit card numbers including Visa cards, Master cards, American Express etc. Total alleged money is approximately 86 million dollars. Case investigation and outcome FBI was trying to find out the information about Butlers network and they finally succeeded in finding an important man of his gang who is also a former admin of his site. This man known as ‘Zebra’ gave FBI very important information about butlers activities , Butler’s long term partner Aragon who created severe differences with him have also been traced by help of Zebra’s information give information to FBI about butler’s activities. Based on this information and FBI’s further investigations Butler was charged with engaging in computer hacking and identity theft on a massive scale including hacking into financial organizations and credit card processing centers to steal customer’s information. Butler was arrested in September 2007 and on these charges he was sentenced to 13 years in prison. In addition to this sentence Butler had to pay a 27.5 million in restitution to his victims and has to face five years of supervised release. At that time this sentence of 13 years in prison was the longest ever for a Cyber Criminal. Conclusions The severe punishments by courts point out to the importance of these criminal activities. These crimes might not be as heinous as others such as rape, murder etc, but threaten the society on an even larger scale. These crimes reduce and question the faith of the people in the financial system and thus create more panic. This panic does not only create more criminals but weakens the society as a whole. The punishments given in both crimes were under the same act of fraud therefore there was no legal difference instead the fact that Gonzalez filed a plea bargain. References US Code - Section 1029: Fraud and related activity in connection with access devices Retrieved from: (http://codes.lp.findlaw.com/uscode/18/I/47/1029) HIAASEN, S. (2009). From snitch to cyber thief of the century: Miami Herald Poulsen, K. (2008). One Hackers Audacious Plan to Rule the Black Market in Stolen Credit Cards: Wired Magazine Read More