Officials say that they long ago identified a Russian crime syndicate as the perpetrator of dozens of high-profile attacks over the last seven years, including the recent Neiman Marcus data breach, but that the lack of cooperation from Russian authorities has made dismantling the group nearly impossible.
“The FBI has tried to get cooperation, the State Department has asked for help and nothing happens, so law enforcement options under the current circumstances are pretty negligible,” said Richard Clarke, formerly a special adviser for cybersecurity to the Bush administration.
The Target and Michaels Stores’ data losses, previously believed to be connected to the Neiman Marcus breach, are now believed to be the work of smaller, less sophisticated operations from eastern Europe, which is becoming a haven for criminal activity due to the prevalence of inexpensive exploit tools widely available on the black market.
“We’re really expanding the base of criminals committing some of the attacks that used to be limited to the best of the best,” said Kimberly Peretti, a former cybercrime prosecutor at the Justice Department. “Even just a couple of years ago there was a sense that if we took those top individuals out of play we’d make a dent in some of the more sophisticated attacks.”
Neiman Marcus estimated that the breach of customer data exposed as many as 1.1 million customer accounts, far fewer than the estimated 110 million Target customer accounts compromised in a similar breach affecting point-of-sale (POS) systems, but nonetheless disconcerting.
In late January, the FBI issued an advisory to retailers warning that the “memory-parsing” malware used in the Neiman Marcus and Target breaches, which infects POS systems such as cash registers and credit-card terminals, has been connected to some 20 other hacking cases in the past year, and that they should expect more breaches to come.
The attackers behind the Neiman Marcus breach are said to have also compromised systems at 7-Eleven Inc., JetBlue Airways Corp., J.C. Penney, Visa Inc., and the French retailer Carrefour SA.
“Some of the hacking groups connected to large data breaches are not necessarily static organizations, but loose confederations of hackers who come together to commit a particular hack or series of hacks, swapping members in and out based on the skills needed,” said Christopher Kelly of the U.S. Attorney’s office in New Jersey.