Key takeouts from the post include:
The two schemes were used to execute a range of despicable cyber crimes that robbed consumers, companies, and even non-profit organizations of millions of dollars. The GameOver Zeus malware created a botnet that helped to spread Cryptolocker, code that was used to encrypt the files of victims and extort money from them in a scheme known as ransomware. But GameOver Zeus was also used to steal personal data and money by carrying out fraudulent banking transactions using the accounts of its victims.
The various steps taken by law enforcement this week, combined with other recent crackdowns like the one against Blackshades, could well add up to a big leap forward in the fight against cyber crime as it sends a clear message to those responsible that they are not untouchable. No, not all of these crooks have been arrested. But my contacts in international law enforcement assure me that having your face plastered all over the Internet as “Most Wanted” definitely puts a crimp in the cyber criminal lifestyle.
What's next?
I anticipate further progress on three fronts. First, the pursuit of the persons named in the recent indictments and injunctions, hopefully resulting in apprehension and prosecution. I think this will have a strong deterrent effect on some current and wannabe cyber criminals.
Second, I think we will see further takedowns and indictments related to other cyber crime operations. It is no secret that security companies like ESET and those named by the FBI in the GameOver Zeus takedown are actively involved with ongoing investigations. The work is hard and it takes a frustratingly long time to get to the point where indictments can be handed down, but people should know that such work is going in.
Third, I see the public continuing to increase its security awareness and practice better cyber hygiene. We would all like technology to solve the cyber crime problem but it cannot. Reducing cyber crime will take sustained law enforcement efforts, at all levels, from the local to the international, plus cooperation from companies and consumers playing their part to prevent the spread of malware and stop unauthorized access to systems and data. That means consistent use of strong anti-malware, strong authentication, and strong encryption. Together, we can make a difference.