21 November 2014
Five people have been arrested in the UK as part of an international operation targeting users of software designed to remotely take over, control and steal information from computers.
Led in the UK by the National Crime Agency (NCA), and involving officers from a number of police Regional Organised Crime Units (ROCUs), raids carried out over several days focused on the threat posed by tools known as Remote Access Trojans (RATs).
The UK operation is part of international activity, coordinated through Europol, which has resulted in a total of 11 further individuals being apprehended across Estonia, France, Romania, Latvia, Italy, and Norway.
The UK arrests and warrants executed consisted of:
- A 33-year-old man, arrested in Armley, Leeds by the NCA’s National Cyber Crime Unit (NCCU) on 20 November
- A 30-year-old woman, arrested in Armley, Leeds by the NCA’s NCCU on 20 November
- A 33-year-old man, arrested in Leeds by the NCA’s NCCU on 20 November
- A 20-year-old man, arrested in Chatham, Kent, by the South East ROCU (SEROCU) on 19 November
- A 40 year old, arrested in Darlington, by the Yorkshire and Humber Regional Cyber Crime Unit
- A search warrant executed on a 19-year-old man, from Liverpool by the West Midlands ROCU who has been brought in for voluntary questioning on 21 November
Support to the operation was also provided by officers from the Eastern Region Special Operations Unit ROCU and TITAN, the North West ROCU. The investigation is being run in conjunction with the Crown Prosecution Service’s Organised Crime Division.
In addition to arresting people believed to have used RATs, the NCA is using a variety of approaches to warn individuals that any movement into cyber criminality will result in further action.
Criminals who successfully deploy RATs can gain complete control over target computers, wherever they are in the world. They can turn victims’ webcams on and off, access banking or other personal information, download new and potentially illegal content, and instruct the victim’s computer to help commit acts of criminality such as Distributed Denial of Service (DDOS) attacks.
Victims are typically infected by being convinced to click on a link purporting to be a picture or video, or disguised as a legitimate file, but is instead an installer for the RAT. In many cases, those who unwittingly install such trojans will have no indication that their machine is infected.
Andy Archibald, Deputy Director of the NCA’s National Cyber Crime Unit, said:
“The illegal use of Remote Access Trojans is a significant cyber crime threat, demanding this kind of strong, coordinated response from international to local UK level. Suspected users of RATs are continuing to find that, despite having no physical contact or interaction with their victims, they can still be identified, tracked down and arrested by the NCA and its partners.
“This operation demonstrates once again that all of UK law enforcement is working to respond effectively to cyber crime, and together we will continue to collaboratively target those who use technology to misuse other people’s devices, steal their money, or unlawfully access confidential information.
“Anyone who is tempted to get involved in this type of crime should understand that it can result in prison time, and substantial restrictions on your life afterwards.”
Peter Goodman, East Midlands Deputy Chief Constable and ACPO Cyber Crime lead, said:
“Cyber criminals are using very sophisticated technology to breach online security systems and to conceal their digital tracks. However, the police forces in the UK and overseas have the expertise to identify and disrupt those who are determined to access computers in order to steal data or to commit serious offences, wherever they are in the world.
“The response on this occasion has been enforcement action through the National Crime Agency and Regional Organised Crime Units in the UK, and Europol overseas, to strike a blow against a particularly pernicious and invasive form of cyber-criminality.
“Nevertheless, there is so much the public can do to safeguard their data and to prevent falling victim to the activities of cyber criminals. The www.cyberstreetwise.com and www.getsafeoline.org websites have lots of excellent advice to help ensure that individuals and businesses can take practical, affordable steps to make their computers and devices more secure.”
To help reduce the risk to individuals and businesses from malicious RAT use, the NCA continues to urge everybody to avoid clicking on unknown links, or files sent from unidentified or suspicious sources.
It is also vital to ensure that security software and computer operating systems are kept up to date.
- Be careful what you post online. Criminals can research victims acquire information which can later be used to exploit the victim
- Use strong passwords for your devices and online applications
- Buy legitimate software from reputable companies, and download free software with caution
- Back up devices so that important files and documents can be recovered
- Report internet crime to Action Fraud, at www.actionfraud.police.uk