103 Arrests, 53 Convictions for Cybercriminals

Federal law enforcement officials last week concluded an operation that netted 103 arrests and 53 convictions involving a series of cybercrimes


Federal law enforcement officials last week concluded an operation that netted 103 arrests and 53 convictions involving a series of cybercrimes that targeted 150,000 victims. Operation Web Snare, which began June 1, wrapped up with several arrests across the country. Department of Justice officials said victims lost more than $215 million. They added that there were 160 investigations of the various schemes aimed at 350 subjects resulting in 117 criminal complaints or indictments and 140 search warrants. Attorney General John Ashcroft announced the results of the initiative, which he said was targeted at a variety of online economic crimes, including identity theft, fraud, counterfeit software, computer intrusions and intellectual property theft.

Meanwhile, U.S. law enforcement agents raided five homes and one ISP last week in what the Justice Department calls the first federal enforcement action against piracy on peer-to-peer networks. Agents seized computers, software and computer equipment in the searches, which took place in Texas, New York and Wisconsin. The action targeted illegal distribution of copyright-protected movies, software, games and music on five peer-to-peer networks operated by a group known as The Underground Network, the Justice Department said in a statement. No charges have been filed. Although this is the first time the Justice Department is taking criminal enforcement action involving peer-to-peer networks and piracy, it is not the first time it has involved itself with file sharing or illegal downloads online.

Fujitsu has commercialized a biometric security system based on vein-pattern recognition. The system works by shining a near-infrared light on a palm placed about four centimeters above a scanner. The scanner takes a snapshot of the palm. The vein patterns illuminated under the skin become the basis for security applications. The information can then be loaded into a server or put into an integrated circuit embedded in a credit card. The company has received orders from two Japanese banks, one of which already uses the technology. While iris-recognition technology is probably more secure than vein-pattern identification, few ordinary bank customers want a retinal scan each time they withdrew money, Fujitsu says. Fingerprint scanners are small and convenient, but their use by hundreds of people raises hygiene issues.

Cisco has warned customers about security holes in two products that provide user authentication and authorization services for network devices such as firewalls and routers. The company issued a security advisory last week identifying "multiple denial-of-service and authentication related vulnerabilities" in two products: the Cisco Secure Access Control Server for Windows (Windows ACS) and Cisco Secure Access Control Server Solution Engine (Secure ACS). The vulnerabilities could let attackers or malicious users crash the ACS products or gain unauthorized access to network devices, Cisco said. ACS products centralize user identity management for other Cisco products and management applications, which lets administrators manage and enforce network access policies. Cisco recommended that customers with service contracts obtain the updates using the Cisco Product Upgrade Tool or by contacting the company's Technical Assistance Center.

This content continues onto the next page...