Conspiracy of Hackers and Traders Uncovered in Multi-District Prosecution

Posted by Marion Bachrach

It has been widely reported for some time that foreign hackers have penetrated the computer systems of U.S. businesses and have retrieved social security numbers, bank account numbers, and intellectual property. Now, a recent federal investigation shows there are organized criminal conspiracies of hackers and securities traders who infiltrate entities with databases that serve as storehouses of information, and that these conspirators then net tremendous profits at the expense of the shareholders of public companies.

A recent federal prosecution shows that the arm of the law can reach a conspiracy between hackers in the Ukraine and traders in various states along the eastern seaboard of the United States. Federal law enforcement have discovered that hackers living abroad targeted newswire computer networks that receive information about corporate earnings, forecasts, mergers and acquisitions, all of which is meant to be kept secret until the newswire actually publishes the press release to news organizations. The detailed indictments make clear that the foreign hackers deployed a series of different types of attacks on the newswire databases, including: brute force attacks, which decrypt data by running automated attacks aimed at breaking usernames and passwords, even those passed through an encryption algorithm; phishing, a term that refers to emails disguised as legitimate communications from a trustworthy source, which contain a link to malware; surreptitious infiltration of servers; and SQL attacks, which inject structured query language designed to retrieve and manage information stored in the target database.

Once the hackers acquired stolen employee login credentials or used other forms of infiltration, they could maneuver freely in the newswires’ computer networks.
In that way, the hackers accessed material nonpublic information sent by targeted Fortune 500 companies within the tight window of time before that information was set to be publicly released. They then shared the stolen information with traders in the United States with whom they were associated by family ties or through other relationships. The hackers’ business associates, who had brokerage accounts with well-known firms including Charles Schwab, E*Trade, Merrill Lynch and Ameritrade, used those electronic platforms to implement immediate trading strategies using the purloined information. The conspirators were so brazen that the hackers emailed the traders video instructions on how to root around in the newswire databases and conceal their Internet Protocol (IP) addresses.

In an unusual joint prosecutorial show of force, four traders, who reside variously in Brooklyn, Pennsylvania and Georgia, are being prosecuted by the U.S. Attorney for the Eastern District of New York; and two hackers and three traders, who reside variously in the Ukraine and in the state of Georgia, are being prosecuted by the U.S. Attorney for New Jersey, where some of the servers were located. The charges include conspiracy, mail and wire fraud, securities fraud, computer fraud, identity theft, and money laundering. The government charges that the criminal defendants netted more than 30 million dollars, which they tried to secrete, using, among other things, foreign bank accounts, and seeks forfeiture of all proceeds, including trading accounts, bank accounts, and real property.

The SEC also brought civil fraud charges against 32 defendants from seven countries for scheming to make over $100 million of profit from material nonpublic information hacked from the newswire computer databases. At the same time, the Commission instituted asset freezes.
Recently, a Ukrainian firm, Jaspen Capital Partners Limited, and its CEO Andriy Supranonok, agreed to pay $30 million by way of settlement of the SEC civil fraud charges.