Posts Tagged ‘Investigations’

AFIMAC CEO Peter Martin quoted in Financial Times: Hackers blur line between thief and spy

March 29th, 2016

Hackers blur line between thief and spy

By Geoff Dyer and David J Lynch
March 28, 2016

In the world of hacking, one man’s criminal is increasingly another man’s spy.

By indicting seven Iranians on cyber crime charges last week, the US is trying to send a message to foreign governments that it is willing to challenge publicly any attempts to manipulate the computers of important infrastructure. The charges against the Iranians follow a similar groundbreaking indictment in 2014 of five Chinese.

However, there is one big difference in the cases. The Chinese accused of stealing trade secrets from US companies were all soldiers in the People’s Liberation Army: the seven Iranians, on the other hand, work for private computer security companies.

The distinction is an ever more important one for the US authorities. As they try to find tools to deter rival governments from cyber attacks, one of the growing complications is the blurring of lines between nation-states and criminal gangs willing to work as proxies for either governments or even terrorist groups.

“We are increasingly seeing different versions of this blended threat,” says John Carlin, assistant attorney-general for national security, in an interview with the Financial Times. “It is complicated.”

Peter Martin, chief executive of AFIMAC, a corporate security and crisis management firm headquartered in Miami, says that governments are now frequently hiring hackers to do their dirty work both to make it harder for victims to determine who has attacked them and because much of the requisite technical talent resides in the private sector.

Partnerships with independent hackers, he says, give nation-states “plausible deniability”.

The decision to indict the Iranians is part of a new approach by the US authorities to use public naming-and-shaming as a way of deterring certain types of state-sponsored hacking. “We are taking information that used to be treated as an intelligence matter and are looking to see what we can take public,” says Mr. Carlin.

In the past, the government has refrained from publicly attributing blame for fear of creating diplomatic headaches or to avoid compromising intelligence secrets. Now, with the perceived need to better deter future attacks growing, authorities are becoming more assertive.

“This is a signal to nation-states that we are increasingly willing to talk about what we know,” said Rajesh De, former White House official and general counsel for the National Security Agency.

However, while the US authorities are able to trace cyber attacks back to specific computers, in some cases the link with nation-states is not always as direct as it was in the indictment of the five PLA officers.

According to the Department of Justice, the Iranians are accused of launching a “denial of service” attack on dozens of US financial institutions and of hacking the computer system of a small dam in upstate New York. The seven defendants worked for two different companies, Mersad and ITSec Team, both of which sometimes “performed work on behalf of the Iranian government”, the indictment says.

Prosecutors allege that Amin Shokohi, who worked for ITSec, helped build the botnet that engaged in the attack on US banks. In return, he was excused some of his mandatory military service, the indictment claims.

“These botnets are often constructed by criminal groups but once they are constructed they can be used by actors for a variety of purposes ranging from criminal to national security threats,” says Mr. Carlin.

The same blurring of lines between private hackers and governments was apparent in a separate cyber indictment unsealed last week involving three Syrian nationals. The Department of Justice alleges that the three were hackers for the pro-Assad Syrian Electronic Army which has used spear-phishing emails to gain access to the Twitter feeds of media and government organisations. In one instance, the three allegedly sent a tweet from the Associated Press account claiming that a bomb had exploded at the White House and had injured the president, causing a dip in the stock market.

At the same time, however, the indictment alleges that two of the three also operated an “extortion scheme” in the US for “personal profit” where they would threaten to damage computers or delete stolen data from companies in return for payment.

In October last year, the Malaysian authorities — on the request of the US — arrested a well-known hacker who was accused of selling personal information about US military and government personnel to Isis. According to the US authorities, Ardit Ferizi was the head of a Kosovo-based hacking group.

According to Mr. De, who is now a partner at law firm Mayer Brown in Washington, hackers traditionally fell into one of three categories: government-backed, criminal or politically motivated activists. “Clearly, the lines between these lanes have been blurring over time,” he says. “They are far more blurred today than ever before.”

#FightFraud: AFIMAC Investigations and AVIVA Canada

March 17th, 2016

AFIMAC is extremely proud of the work our Investigations Department did in conjunction with Aviva Canada, to collect court-ready evidence for this case. As well, a very special thank you to our AFIMAC undercover agents for their dedication and hard work on this project.

Watch the full undercover video from CTV W5 here.


Undercover Investigations for Drugs in the Workplace

October 20th, 2011

Drugs in the workplace are not a new issue, and certainly not one that can be easily resolved. However, there is a disturbing trend evolving in some workplaces with respect to drug usage and distribution that employers need to be aware of. For years now our organization has been retained to provide undercover operatives and investigations to help employers identify and eradicate the source of drug dealing and usage in their employee ranks. For the most part, these investigations were born out of desperation: the police were too shorthanded to help employers investigate drug dealing and usage in the workplace, claiming these were “internal issues” that needed to be addressed and resolved by the employer. This basic stance from the police is not new and has been repeated consistently in the past; the police are understaffed and overwhelmed with investigations affecting the public, and because issues in the workplace do not often get the public’s attention, the problem is left to the employer to resolve. This approach, as evidenced below, has begun to change because of a new phenomenon, one in which professional drug dealers are moving off the streets and into the workplace to ply their trade, as they are acutely aware that this moves them off the “law enforcement radar”!

In a particularly disturbing case a few years ago, we successfully identified the source of a client’s significant drug issue in a large manufacturing organization, and upon identifying the source, we were able to get the cooperation of law enforcement. At the conclusion of our investigation, several employees were arrested and, based on the strength of the evidence, they all pled guilty. It was during this process that they admitted that their primary source of income was dealing narcotics and that they had specifically targeted our client’s company to hire them because of the large employee base to which they could push their drug products. By dealing to the company’s employee base and not selling the drugs on the street, they knew the likelihood of attracting any police attention was very slim. Had it not been for the client taking charge of fixing the problem and retaining our services to conduct the investigation, the subjects would still have a very successful operation ongoing today. We have also found individuals working through temporary employment agencies with the same strategy of penetrating a large organization in order to have a stable client base for their drug trafficking operations, knowing that if they were discovered, in all likelihood the maximum result would be termination of their employment; a very unfitting consequence for such a serious issue.

http://www.foxnews.com/us/2011/09/29/feds-arrest-dozens-in-drug-bust-at-boeing-plant/

Sept. 29: U.S. Attorney Zane Memeger, left, with FBI Special Agent in Charge, George Venizelos, and DEA acting Special Agent in Charge Vito Guarino speak during a media availability at the Department of Justice. More than three dozen people have been charged in a prescription drug sweep that included a raid on a Boeing plant near Philadelphia that makes military helicopters.

PHILADELPHIA –  Federal agents raided a Boeing plant that makes military helicopters in suburban Philadelphia on Thursday and charged more than three dozen people with distributing or trying to get prescription drugs, among them powerful painkillers.

The arrests were made by the FBI and the Drug Enforcement Administration at the 5,400-employee plant in Ridley Park, where workers build aircraft including the H-47 Chinook helicopter and the V-22 Osprey. The plant, part of Boeing’s Defense, Space and Security unit, is also the headquarters for its Rotorcraft division.
