Hackers no more
Pittsburgh feds led multinational cyber probe
From Russian interference in U.S. elections to Chinese hacking of U.S. corporate computers, cybercrime threatens government, business and the social order. That’s why a recent victory — the dismantling of an international hacking ring with Pittsburgh connections — is worth applauding.
U.S. Attorney Scott Brady and Bob Jones, the special agent in charge of the FBI’s Pittsburgh office, last week traveled to The Hague in the Netherlands to announce the dismantling of the GozNym ring. The venue highlighted the cybercrime ring’s global reach and the importance of international police work in bringing the Eastern European-based group to heel.
All 11 of the ring’s members were indicted in Pittsburgh following an investigation that involved authorities in Bulgaria, Germany, Georgia, Moldova and Ukraine. Europol and Eurojust, international law-enforcement organizations, also took part.
Criminal proceedings against the defendants are underway in four countries, and five of those indicted remain at large — all of which means more international collaboration will be needed to bring the case to conclusion.
Authorities allege that the ring members used GozNym malware to hijack bank accounts and divert as much as $100 million from about 41,000 businesses worldwide, including at least two in the Pittsburgh area. While the dollar figure is staggering, the impact of their thievery likely is much greater considering the jobs that may have been lost and families hurt when small businesses proved unable to absorb the losses.
Federal authorities in Pittsburgh years ago carved out a niche as cybercrime experts. The 2014 indictment of Chinese military hackers who targeted companies including Alcoa, Westinghouse and U.S. Steel was followed last year by the indictment of Russian military hackers who targeted athletic anti-doping agencies, other trade organizations and Westinghouse. The latest case only burnishes Pittsburgh officials’ reputation as leaders in cyber-related investigations.
Nor is this the first time they have leveraged an international law enforcement network to bring down a target. In 2015, agents here brought down Darkode — a marketplace for hacking tools — in an operation that resulted in 70 arrest warrants worldwide. That investigation included the assistance of officials in nearly 20 countries on four continents.
The GozNym case began with the 2016 takedown of another online marketplace — Avalanche — that sold malware products. While Avalanche and GozNym are out of business, there’s probably no shortage of others jockeying to fill the void.
One official said the GozNym case required an “unprecedented” level of international cooperation. It’s good that law-enforcement agencies are able to work so constructively together because the scope of cyberthreats is unprecedented, too.