9,000 Asean servers infected: Interpol

An estimated 9,000 command and control (C2) servers and hundreds of compromised websites were identified across Asean in an Interpol cyber probe.

The global policing alliance said the C2 servers were active across eight countries and included malware targeted at financial institutions, ransomware, distributed denial of service attacks and spam emails.

Around 270 websites, including several government sites containing citizens’ personal details, were also infected with malware that could find weaknesses in web-design applications, Interpol said.

One Indonesia-based group was selling phishing kits on the dark web and had openly posted YouTube videos explaining how to use the software.

Singapore earlier this month expanded laws to allow anyone that used or transacted with illegally obtained personal information to be prosecuted, even if they were not responsible for the security breach. The amended Computer Misuse and Cybersecurity Act criminalised any act dealing in personal information obtained via acts considered illegal, such as hacking and identity fraud. This meant that businesses or individuals that provided, obtained or retained hacked personal data could be charged, even if they were not responsible for the original security breach.

Leading the recent operation is Interpol’s Global Complex for Innovation (IGCI) in Singapore working with the police in Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand, Vietnam and China.

Interpol says investigations are ongoing.

Seven cyber-security companies, Trend Micro, Cyber Defense Institute, Booz Allen Hamilton, British Telecom, Fortinet, Palo Alto Networks and Kaspersky, provided data.

IGCI executive director Noboru Nakatani (pictured) praised the cooperation between the public and private sectors.

He explained: “With direct access to the information, expertise and capabilities of the private sector and specialists from the Cyber Fusion Centre, participants were able to fully appreciate the scale and scope of cyber crime actors across the region and in their countries”.

“Sharing intelligence was the basis of the success of this operation, and such cooperation is vital for long term effectiveness in managing cooperation networks for both future operations and day to day activity in combating cybercrime,” Nakatani added.

Picture credit: Flickr