It was May 2009, and for Mark Patterson – co-owner of Patco Construction – that would be the month he and his business learned first-hand just how powerful cyber crime can be. Founded in 1985, Patco is a successful business, but retains the small-enterprise feel that instills confidence in – and ensures loyalty among – its client base. It's a fixture in the Sanford, Maine, area, and in addition to building houses based on custom designs, the company is also responsible for projects like trail extensions and local park build-outs. In this way, Patco represents your typical family business: a well-run, dependable operation whose day-to-day activity centers on on-the-ground work, leaving little time to focus on workplace tech.
Patco, like so many other businesses operating at its scale, represents a prime target for cyber criminals looking to take advantage of more vulnerable networks. And in 2009, that's exactly what happened. Over a seven-day period that May, money began disappearing from Patco's bank account – which was with a regional financial institution called People's United Bank. All told, the seven days of malicious activity resulted in $588,000 being stolen from Patco. The cyber criminals behind the attack took advantage of the fact that, at the time, Patco carried out Automated Clearing House batch transactions with its bank. By getting hold of Patco's username and password, the hackers were able to initiate transactions that appeared, to the bank, to be legitimate.
But the transactions were far from legitimate, and instead came directly from hackers using some of the most cutting-edge malware out there at the time: the ZeuS trojan, a malicious strain that first came onto the scene in 2007 and really started taking off in 2009. Over the years, ZeuS has evolved with the times, and its malicious reach has extended far beyond family operations like Patco to attack much larger companies like Amazon, Cisco and the publication BusinessWeek. For Patco and its co-owner, the ZeuS intrusion led to significant fallout, and even though the company was eventually able to get People's United to reimburse it for the stolen money, Patco's spending on legal fees – hundreds of thousands of dollars – meant it ended up taking a hit anyway.
The work of on-the-run hackers
But though Patco has recovered from its 2009 intrusion, other organizations still remain at risk. That's because, despite a highly coordinated effort, the FBI has as yet been unable to apprehend Evgeniy Mikhaylovich Bogachev, the main force behind GameOver ZeuS. Despite having a $3 million bounty on his head – the biggest of any at-large hacker – Bogachev remains a fugitive from international justice. Considering that the FBI has been on Bogachev's case since 2009 – and has put up so much money – it's somewhat surprising that he still remains on the run.
"To create a tool that may be responsible since its inception for a billion dollars in damages, and still to evade arrest despite all that up to this point, is just amazing to me," said Don Jackson, a cyber security expert who's followed ZeuS through its many stages of evolution. "Until [Bogachev is] in custody, and he's in custody somewhere where he'll stay in custody, I don't think we'll see the last of it."
And yet Bogachev's situation is hardly a unique one. When a cyber criminal is captured, it's bound to make big headlines. But that's only because the vast majority of cyber crime goes unpunished. When Ross Ulbricht, creator of the now-defunct online drugs and guns black market site Silk Road, was captured in October 2013, for instance, his arrest represented the culmination of a long period during which he was on the run and able to hide behind the alias "Dread Pirate Roberts." Like so many sophisticated cyber criminals, Ulbricht was able to deploy methods that made it very hard for authorities to track him. When he carried out the illicit business of his operation, he did it via the Dark Net – which is often seen as a refuge from surveillance for cyber criminals.
Big names on the run
Though most cyber criminals get away with their malicious deeds, there are some who've acquired more notoriety than others due to the success of their efforts. In addition to Evgeniy Bogachev, there are many other prominent at-large hackers who use advanced methods not only to carry out sophisticated attacks, but also to evade detection and capture.
With the vast majority of cyber crime going unpunished, companies face a massive sphere of malicious threats. In this threat-heavy atmosphere, protection is key. In the second part of this piece, we'll be looking at some of the other hackers who are on the run, whose skill and authority-dodging capabilities rival those of Bogachev, and who further emphasize the need for top-of-the-line enterprise protection.