With approximately 1.4 billion yen stolen by cybercriminals in 2013 and 600 million yen already stolen in 2014 in Japan, global leader in cloud security, Trend Micro Incorporated joined hands with Tokyo Metropolitan Police Department in the fight against cybercrimes. Using information provided by Trend Micro’s Forward-Looking Threat Research Team, the Tokyo Metropolitan Police Department successfully cracked down on online financial theft cases that were plaguing the country.
Trend Micro’s Forward-Looking Threat Research Team enabled the police force to track down and identify cybercriminals behind said financial crimes by analyzing command-and-control servers, stolen information and malware. To commend the company for its expert guidance and thought-leadership, a certificate of appreciation was awarded to Trend Micro by the Tokyo Metropolitan Police Department.
“Consumers and enterprises today are increasingly reliant on internet services, whether it is making retail purchases or managing financial transactions. The promise of easy money remains the biggest driver for cybercriminals, motivating them to steal personal information that would lead them to the money. Online banking information when stolen enables cybercriminals to transfer funds illegally out of victims’ accounts. Based on Trend Micro’s recent security roundup report for the first quarter of 2014, Japan and India are the most affected countries by online banking malware in the region, 15% and 37% growth comparing January to March case volumes respectively for both countries,” comments Dhanya Thakkar, Managing Director, India & SEA, Trend Micro.
In the case of the infamous banking Trojan dubbed “TSPY_ZBOT”, cybercriminals used WebInjects to simulate screen displays of a bank’s online website to collect confidential banking information from unsuspecting users. The stolen information is then stored in a cybercriminal-controlled server for further manipulation. By analyzing the WebInject modules, Trend Micro could identify the server where stolen information was stored, pinpoint victims who are at risk of online financial thefts, and quickly prevent actual financial loss through reactive methods, such as freezing compromised bank accounts before the money is transferred to the cybercriminals.
According to Trend Micro’s threat experts, there are a number of ways to combat financial thefts, such as taking down the server in question or monitoring it. The former is a temporary solution at best and may motivate cybercriminals to devise more sophisticated attacks, while the latter is preferable as it provides security experts with a clearer picture of the attack and better control of the situation. Through server monitoring, the authorities can prevent new attacks by simply waiting for cybercriminals to log into the server to obtain stolen information.
With a corporate vision to create a world safe enough for exchanging digital information, Trend Micro established the Trend Micro Security Incident Response Team, which serves as a contact point of cooperation for security-raising activities in Japan. In addition, the company’s internal research groups, such as the Forward-Looking Threat Research Team, provide concerned organizations with important information that can help bust cybercrimes.
“Our success pivots on the strong public-private collaboration with the police force. With cybercrimes growing in frequency and cybercriminals becoming more sophisticated, it is absolutely necessary to collaborate with concerned organizations to tackle cybercrimes of this nature, scale and complexity. We believe in joint-partnerships and welcome collaboration with public and private sectors in the fight against cybercrimes,” adds Dhanya Thakkar.
Beyond Japan, Trend Micro has existing partnerships with Interpol. With a unified goal in mind to put cybercriminals behind bars, Trend Micro works directly with investigators to determine the information they need as part of their investigation, focusing on arresting cybercriminals to fully protect consumers, instead of quick, temporary “technical” solutions such as shutting down servers, taking down botnets or seizing domains.