November 28, 2011
Possible Link Between AT&T Phone Hacking, Terrorists
Four cybercriminals arrested in the Philippines last Wednesday were allegedly paid by terrorists to hack into the accounts of AT&T business customers, the FBI and that country's Criminal Investigation and Detection Group (CIDG) told reporters over the weekend.
According to Somini Sengupta of the New York Times and CNET's Steven Musil, the three men and one woman arrested in multiple raids conducted in the capital city of Manila were affiliated with an individual named Muhammad Zamir.
Zamir is described by Musil as "a Pakistani arrested by the FBI in 2007 who was associated with Jemaah Islamiah, a Southeast Asian militant group with links to Al Qaeda."
Jemaah Islamiah, Sengupta said, has been linked to Al Qaeda and were responsible for a 2002 bombing in Bali that resulted in more than 200 deaths.
In addition, Musil says that the Zamir's group, which is based in Saudi Arabia, has also been identified by the FBI as the organization which funded a 2008 attack on Mumbai. That attack killed 164 and wounded more than 300 others.
Sengupta says that the FBI is working with the CIDG in the investigation, and that it is believed that the phone hacking attempts could date back to 2009.
The suspects reportedly were able to gain access to phone operating systems of an unknown number of AT&T customers. They then used those accounts to call telephone numbers which "passed on revenues to the suspects," the Times reported.
"The suspects hacked the trunk-like PBX (private branch exchange) phone lines of different telecommunications companies, including AT&T, the CIDG said. Money stolen in the hacks was diverted to bank accounts belonging to the terrorists, who paid the Filipino hackers on commission," Musil added.
If the link between the accused cybercriminals and Jemaah Islamiyah proves to be true, "it would point to a troubling connection between hackers and terrorist cells," Sengupta said.
In a statement, CIDG said that the company could have lost up to $2 million as a result of the hacking. According to Reuters, AT&T said that they had to write off "some fraudulent charges that appeared on customer bills," but did not comment on reports that the losses had been in the millions.
"AT&T and its network were neither targeted nor breached by the hackers," AT&T spokeswoman Jan Rasmussen told the wire service. "AT&T only assisted law enforcement in the investigation that led to the arrest of a group of hackers."
Reuters also identified one of the individuals arrested as Paul Michael Kwan, a 29-year-old who CIDG Anti-Transnational and Cyber Crime Division (ATCCD) Chief Police Senior Superintendent Gilbert Sosa said had been arrested back in 2007 as part of an international FBI investigation on organizations believed to be financing militant activities.
On the Net: