The National Crime Agency (NCA) has completed its biggest ever UK-wide cybercrime dragnet, arresting 57 people for a long list of alleged hacking, phishing and DDoS incidents, including attacks on Yahoo and the US Department of Defense (DoD).
At the end of the four-day operation and 25 separate raids the public has been given a peek into the true scale of the UK cybercrime scene. Covering cities as far as London, Leeds, and Barry in Wales, it doesn’t make for pretty viewing.
With a few exceptions, the majority of the disclosed arrests were of men in their twenties, including one or two known attacks such as the arrest of a 21 year-old man allegedly connected to the by ‘D33Ds Company’ Lizard Squad hacking group that stole and published a cache of 400,000 email addresses and passwords from Yahoo in 2012.
Separately, a 23 year-old was picked up for a June 2014 hacking attack on the US Department of Defence (DoD) Enhanced Mobile Satellite Services system which got hold of the contact details of 800 members of staff.
Three of the arrests related to DDoS attacks with one allegedly connected to an extraordinary 350 incidents while another individual was accused of using denial of service to attack a rival firm.
Predictably, other arrests covered phishing attacks, developing malware for use in attacks, online fraud, attacks on online banks, fraud against retail loyalty card schemes, and a company said to have ‘housed’ criminal infrastructure.
Interestingly, several people were warned after being detected buying Remote Access Trojans (RATs) while 60 firms across England, Scotland and Northern Ireland whose servers were suspected of being compromised to host attacks were visited to initiative a clean-up.
“The 56 arrests around the country this week are a result of the essential partnership activity with law enforcement, industry and government that is at the heart of fighting cybercrime,” said NCA National Cyber Crime Unit deputy director, Andy Archibald.
“Criminals need to realise that committing crime online will not make them anonymous to law enforcement. We are continuously working to track down and apprehend those seeking to utilise computers for criminal ends, and to disrupt the technical networks and infrastructures supporting international cyber crime.”
Normally, the NCA arrest sheet runs to a handful of suspect. This week’s operation and the fact that the NCA went out of its way to give the BBC access to one of its operations is a testament to the politics of cybercrime. The NCA’s mega-bust of 2015 sends a clear message not simply to the criminals but to the politicians and public – we are here.
“One of the reasons that cyber-crime has become so widespread is that the chances of getting caught are too close to zero, so its good news that the NCA’s teeth is biting," commented KPMG's cyber security practice leader, Malcolm Marshall.
"The success of their efforts will depend upon the justice systems ability to respond as effectively. Cyber-crime is no longer a niche crime, but pervasive.”