-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi,

there's been some discussion on another list (bugtraq at
securityfocus.com) of a post office break in in israel (it seems their
post is like a bank). i can't remember if we've already talked about
it... thought some of you might find it interesting.

-eric.

<snip>
| Couldn't find any article in English, so I summarised all the facts
| and wrote my own.
|
| Israeli Post Office Break-In by Gadi Evron (ge at linuxbox.org),
|
| Senior security and virus researcher, eSafe, Aladdin Knowledge
| Systems.
|
| 11th of January, 2004.
|
|
| Last week a story came to life in Israeli news about a computer heist
| in a Haifa branch of the Israeli Postal Service, successfully
| stealing 56 thousand Shekels (a sum equal to about 13 thousand US
| Dollars) using a wireless networking device planted in a computer
| rack and hooked into the local computer network.
|
| About a month ago, a break-in was reported in a branch of the Israeli
| Postal Service (which is also a small bank in Israel) in the City of
| Haifa.
|
| Israeli Police detectives hurried to the scene, yet could find
| nothing missing or out of place.
|
| It is reported that last week (roughly 3 weeks after the incident)
| the Israeli Postal Service noticed large withdrawals of money from
| newly opened accounts, all originating from the Haifa branch.
| According to the Postal Service this was detected by auditing abnormal
| transfers of money, a known technique used for fighting Financial
| Frauds.
|
| Postal Service personnel hurried to the branch. Upon further
| investigation the unauthorized device was discovered.
|
| Reports claim the scam took place as follows:
|
| 1. The break-in, installing the Wireless Gateway/Entry Point.
|
| 2. "Dispensable Mob Soldiers" (as termed by the Police) of what the
|    Police believe to be a vast and sophisticated crime gang, opened
|    legitimate new accounts at the Postal Service bank.
|
| 3. A person, supposedly using a laptop at the distance of a few
|    hundred meters, gained access to the Postal Service bank computer
|    systems and initiated money transfers, illegally transferring
|    money to the newly-opened accounts.
|
| 4. The perpetrators then attempted to withdraw the funds from the new
|    accounts, which led to the arrest of four suspects. The suspects
|    have yet to cooperate with the authorities, which are trying to
|    locate the "brains" as well as the "hacker" behind the operation.
|
| An Israeli Police official was quoted saying "This computer crime
| takes us to year 3000."
|
| The hack itself could be performed in many different ways, accessing
| different computers, sniffing and re-constructing traffic, etc.
| Personally, I believe some inside information was used rather than
| pure network research.
|
| If we are to believe how this scam was "busted" and that financial
| auditing raised the alarm, we can presume that the legit-looking
| wireless networking device connected to the switch in the Postal
| Service branch would have gone undetected for a long time still. Had
| the perpetrators not gone ahead and withdrawn large sums of money,
| using statistical techniques to guide their actions instead, the
| heist would probably have been long over by the time the wireless
| networking device was found.
|
| On the conspiratorial side, it is quite possible the scam was
| detected by other means. With four suspects in custody, and rumors of
| quite a few people involved, one can speculate that someone within
| the crime ring might have talked. It is also possible that somebody
| actually noticed the legit-looking network hardware or that the
| police were already investigating this group when they came across
| this latest crime. I guess we won't find out until the case reaches a
| court of law.
|
| If this wireless networking device, that simply "appeared", had no
| reason to look suspicious in a computer rack that is virtually never
| opened, one would have to speculate the crime did not warrant a less
| "alarming" or "better hidden" device. This is a case of the right
| tool for the right job, with the correct amount of resources (cost
| vs. benefits, or risk vs. gain) invested in the illegal endeavor.
|
| The failing point of the operation in my personal opinion is the lack
| of knowledge in the statistics, financial and auditing systems to
| pull the operation through undetected.
|
| Furthermore, this crime provides us with a hint as to more advanced
| and sophisticated computer crimes and frauds taking place around the
| world, which are probably better executed for the very simple reason
| that we do not hear about them.
|
| Two such crimes that were recently reported were the theft of
| servers holding face recognition counter-terrorism information from
| an Australian Airport and Industrial Espionage where a person
| unwisely emailed an entire credit company a Trojan horse.
|
| This story makes me wonder what else happens that we never hear about.

- -- 
Please avoid sending me Word or PowerPoint attachments.
Plain text or OpenOffice.org attachments only. Thanks.
See http://www.fsf.org/philosophy/no-word-attachments.html
SHAMELESS SELF PROMOTION at http://home.comcast.net/~235u/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFABqwGLlZzXRl+JnERAjwqAJ4s0sUPs3SHh8wXoFhcHC21JMwjkgCfSDQI
JvGD3i4AAopIOY7J7kVDbDk=
=6EO3
-----END PGP SIGNATURE-----