Collaring the (Alleged) Leader of a BEC Gang
A joint operation by INTERPOL and the cybercrime unit of the Nigeria Police Force have concluded a yearlong investigation into the SilverTerrier business email compromise gang by arresting the man they believe is the gang’s leader.
“The arrest of this alleged prominent cybercriminal in Nigeria is testament to the perseverance of our international coalition of law enforcement and INTERPOL’s private sector partners in combating cybercrime,” said Garba Baba Umar, Assistant Inspector General of the Nigeria Police Force, Head of Nigeria’s INTERPOL National Central Bureau and Vice President for Africa on INTERPOL’s Executive Committee. “I hope the results of Operation Delilah will stand as a reminder to cybercriminals across the world that law enforcement will continue to pursue them, and that this arrest will bring comfort to victims of the suspect’s alleged campaigns,” he added.
Bernardo Pillot, INTERPOL’s Assistant Director, Cybercrime Operations, said, “This case underlines both the global nature of cybercrime and the commitment required to deliver a successful arrest through a global to regional operational approach in combatting cybercrime.”
The investigation, which the police called Operation Delilah, was assisted by three private companies: Palo Alto Networks, Group-IB, and Trend Micro. Palo Alto’s Unit 42 blog provinces some interesting perspective on how closely and relentlessly the investigators tracked the unnamed suspect’s activities. Emailed comments from Group-IB highlighted the benefits of public-private cooperation in breaking cybercrime cases. “Prompt threat intelligence sharing, private-public partnership, and effective multi-party coordination by INTERPOL’s Cybercrime Directorate were crucial to the success of the operation, the company’s CEO, Dmitry Volkov said in an emailed statement.
Business email compromise has long been one of the more damaging crimes that depends upon social engineering, and it’s gratifying to see a successful international investigation with significant participation by the private sector. New-school security awareness training can enable your employees to avoid falling for scams and other forms of social engineering.