Major public corporations and government agencies in Ireland were hit by US$23 million in cyber fraud in the past year. Over 20 cyber attacks are being investigated by the Garda National Economic Crime Bureau (GNECB), but interestingly, there are no reported cases of bitcoin involvement.
Over the past two years, various law enforcement agencies and governments, including Interpol and the government of the Philippines, have emphasized the importance of KYC/AML regulations for bitcoin, due to increasing cases of bitcoin-related cybercrime. However, representatives and investigators at the GNECB stated that the majority of cyber crimes involved bank payments and cash transfers, and were settled without the use of bitcoin.
The largest case currently under investigation is a $7.3 million bank fraud initiated by an international gang of cyber criminals. An undisclosed “household name” Irish company was misled by criminals who instructed the company to send a bank deposit to an overseas account. While the specifics of the incident have not yet been made public, the entire process was completed through bank settlement.
“One of the largest cases we have is for €7m, a CEO fraud or invoice redirection fraud. Now we have recovered all of that. The bank stopped some of the funds from being transferred. The Garda’s Economic Crime Unit recovered the rest of the funds while they were in electronic transit in foreign bank accounts,” said Michael Gubbins, the head of the Garda Cyber Crime Bureau.
The method used in the $7.3 million fraud case is called “CEO Fraud,” wherein criminals target large companies to send payments to their CEOs. In the midst of settling the payment, the criminals change the details of the invoice and redirect the payment to an overseas account.
For criminals, there are several benefits and disadvantages in relying on traditional banking systems to commit fraud. One benefit is that with proper identity washing or manipulation, it is virtually impossible to transparently track down the payment.
Also, the involvement of overseas financial institutions means that the crime is outside the jurisdiction of local law enforcement agencies. In such a case, overseas financial institutions aren’t required to comply with law enforcement data requests, which may effectively terminate the investigation.
One major disadvantage, however, is that if the payment is flagged as a suspicious transaction, banks can temporarily suspend the transaction until it goes through a thorough verification process that is often manual. It is during this verification period that law enforcement has the opportunity to retrieve the funds.
Inspector Gubbins stated that 66% of the $23 million has already been recovered, but the rest will most likely be stolen and redirected to alternative bank accounts by the criminals.
“About two-thirds of the €22m has been recovered but you still have substantial losses to various individuals and companies. They include State bodies, private bodies and PLCs. These are all CEO fraud or invoice redirection,” Gubbins stated.
While law enforcement and governments are focusing on the minimal number of ransomware cases involving bitcoin, multi-million dollar losses in the past year have resulted from bank frauds and illicit transfers of payments initiated and settled by traditional financial institutions.