Cybercrime Police in California Put High Priority Emphasis On Cryptocurrency SIM Swapping Attackers
California Cybercrimes Police Is Focused On Attacking SIM Swapping As A High Priority
The law enforcement for cybercrimes has to be fast. Everything changes in a year or so, so new threats are appearing all the time. Now, the U. S. law enforcement, especially, the cybercrimes police from California, has decided to take SIM swapping cases, which have come to prominence recently, as one of their highest priorities at the moment.
KrebsonSecurity, an investigation and security news blog has reported today, November 7, about the efforts from the cyberpolice. The site interviewed members of the REACT Task Force, based in Santa Clara, California, in order to know how they are going to track down individuals making unauthorized SIM swaps.
According to the piece, the supervisor for the initiative will be Samy Tarazi, a police sergeant that has affirmed that crime has dramatically increased for SIM swapping activity lately. Why has the team decided to focus so much on SIM swapping? For two main reasons, they affirm: most of the people attacked by SIM swapping crimes live in California or at least have a business there and the numbers are off the charts now.
SIM swapping crimes have increased simply exponentially in the last year, mostly to steal cryptos from victims. Because of this, the unit had to change its focus and streamline it into stopping SIM Swapping. Therefore, this is the highest priority now.
Something interesting, though, is that Tarazi has affirmed that only a handful of individuals are behind most of the attacks. According to the team, not a lot more than a dozen individuals is behind most of the attacks, the attacks are just more prominent because the group is more organized now.
He seems concerned that “kids” from 19 to 22 years old are able to steal millions of dollars in cryptos. To show the gravity of the issue, he has affirmed that kids buy a 99 cent SIM card on eBay, a burner phone and then steal millions of dollars. This is unseen.
What Is SIM Swapping?
SIM swapping is the act of remotely hacking a SIM card from a mobile device that you do not own. While the process is very complex and no regular user would be able to pull it off easily, the main problem here draws from the fact that the hackers are very skilled and that SIM swapping is cheap to do and very profitable.
While planning a DDoS attack, for instance, would need huge resources, technology has moved very fast and now there are ways to attack people without spending even 50 bucks and getting millions of dollars.
While most cases see the users tricking the companies into giving them information, generally, they either blackmail people from the phone companies into giving them access or have already worked in one of these companies and have some sort of access to them.
By cloning the SIM of the user and getting access to his accounts, these criminals are able to steal a huge amount of money that simply make them very dangerous criminals.
They target rich people from Silicon Valley most of the time and exploit how unprepared phone companies are to deal with the situation. The thieves are getting increasingly better and it preoccupies the REACT team. They generally focus on stealing cryptos because the transactions cannot be undone. This makes the money even easier to steal.
Many victims are scared that their personal information might be used, the REACT team affirmed during the interview, but the hackers are generally only really interested in making money and moving forward to the next target.
How To Prevent These Crimes?
At the moment, there is not a single answer as to how can someone stop SIM swapping. Telecommunication companies seem somewhat interested in solving the issue but their employees are generally very badly paid. A member of the REACT team has talked about the issue, affirming that when you only make $12 USD per hour, it can be a sweet deal if someone wants to pay you $400 USD for a single SIM swap.
The main problem, they believe, is having operators that are badly paid and do not have any oversight making these transactions that can be used to clone cards. The companies need to invest in protection if they do not want their clients to be prey from these hackers.
Another issue is that people legitimately request SIM swaps all the time so there is this issue as well. Most of the attacks rely on the capacity of a not very well trained or motivated individual in cooperating with the swap, though.
Creating new defenses and maybe a better workforce could prevent this type of crime, but the truth is that companies will only be motivated to do it when they suffer heavy financial losses for their irresponsibility.
For now, two-factor authentication seems to be a good idea. It is not very hard for the users to actually make it work and they will have additional protection because they will have to be hacked twice in order for someone to access their funds.