CBI hits hackers in global operation

Locations in Mumbai, Pune, Ghaziabad raided on FBI inputs; financial crimes likely target

A call from the US Federal Bureau of Investigation (FBI) two days back prompted its Indian counterpart to leap into a first of its kind international operation against cyber hackers. Based on inputs from the US agency, officers of the Central Bureau of Investigation (CBI) on Friday cracked down on various locations in Mumbai, Pune and Ghaziabad to uncover a racket that allegedly hacked 900 email accounts internationally, 171 of Indians.

The agency is probing all possible angles, from individual spying to corporate espionage and even terrorism-related activity. The CBI has not ruled out the possibility of widespread financial fraud through hacking.

The raids are part of a coordinated action between China, Romania, the US and India. A Pune-based suspect, Amit Vikram Tiwari, has been arrested for violating the Information Technology Act. “This is a sign that cyber crime coordination is improving,” said Sivarama Krishnan, executive director of PwC India. It is still happening only in pockets though, he added. Tiwari, an engineer who had earlier been embroiled in credit card frauds, allegedly hacked into accounts of individuals for a fee ranging between $250 and $500. He also ran two websites called anonymiti.com and hirehacker.net. The CBI has registered two cases against him.

In a press statement, the CBI said, “Upon receipt of a hacking order, along with the email addresses to be hacked, the website operators gained access to the email accounts and sent proof of the access to customers.  On receipt of a payment from customers, these operators shared the hacked passwords with customers.”

While the CBI coordinates with international investigation agencies on various crimes, especially terrorism-related, this is the first time such an operation against cyber hacking has been conducted in India. “The largest chunk of cyber crime perpetration happens in Russia and eastern European countries,” said Krishnan. Gulshan Rai, director general of India’s Computer Emergency Response Team (CERT-In) said that the country was sharing information with respect to cyber crime and security with several nations, including the US. “This issue cuts across geographical boundaries, so sharing of information, both with respect to technology and crime, is essential.”

Rai said CERT-In was not involved in the operation, but it regularly exchanged intelligence, being part of the Forum for Incident Response and Security Teams (FIRST) and CERT-Asia Pacific. Several security and incident response teams from the government, commercial and academic sectors are members of FIRST.

In a recent instance, credit cards of a leading agency in the country were being misused in the US, which caused a huge monetary loss. Investigations led to a specific agency and merchant, who were prosecuted in the US.

ALSO READ: India favours setting up of portal with US to check webcrime

ALSO READ: Indians prone to risky online behaviour: Norton survey

ALSO READ: Cyber-crime costs up to $500 billion to world economy