FBI Director Pays Visit to Thank Latvian and Estonian Officials for Their Cooperation in Operation Ghost Click, Looks for Future Cooperation
Earlier this week, FBI Director Robert Mueller visited Latvia and Estonia in an effort to strengthen the FBI’s partnerships with the countries, and to thank Estonian Interior Minister Ken-Marti Vaher and Justice Minister Kristen Michal, as well as other authorities, for their cooperation with the FBI on recent international efforts to combat cybercrime.
During his visit, Mueller presented a plaque to the Police and Border Guard Board’s Criminal Police Department’s Second Division as a token of appreciation and thanks for their involvement in “Operation Ghost Click”, an international operation that disrupted a massive cybercrime scheme that infected more than four million computers with malware, and generated an estimated $14 million for a group of cybercriminals over a period of several years.
The announcement of the crackdown came in November 2011, following a two-year investigation of a cybercriminal gang based in Estonia, and resulted in the arrest of six of individuals in Estonia by Estonian authorities.
Following such a success, Mueller confirmed the FBI’s continued commitment to working with Estonia to combat cybercrime, the American Embassy in Tallinn said.
“The Director’s visit underscores the great appreciation we have for our Estonian counterparts,” said U.S. Ambassador Michael C. Polt in a statement. “The superb cooperation we have is only possible because of an atmosphere of mutual respect and trust. We are delighted that our FBI Director could come to Estonia to relay that sentiment in person and to encourage future joint efforts in combating international criminal activity.”
In Latvia, Director Mueller met with Latvia’s Prime Minister, Valdis Dombrovskis and other government leaders, and presented two plaques to Latvian enforcement entities for their efforts to combat cybercrime. Latvian authorities were also thanked for their part in Operation Ghost Click.
“I value the co-operation between our countries most highly and hope that it will continue as productively in the future,” said Justice Minister Kristen Michal. “In today’s world, crime knows no boundaries and such cooperation is especially essential in fighting cyber crime.”
The cybercriminals arrested in conjunction with Operation Ghost Click had been controlling a botnet that infected millions of computers with “DNSChanger” malware and over several years generated tens of millions of dollars in ill-gained profits.
While Operation Ghost click was a major success story, some problems still linger. According to Rod Rasumussen, President and CTO at IID, “Millions of these machines remain infected and there is a very real ‘deadline’ looming when a judicial order that is helping keep these infected computers working runs out.”
Following the bust, the FBI coordinated the setup of temporary DNS servers to keep the Internet “working” for systems infected with the DNSChanger malware. The key here is “temporary”, and when the supporting DNS Servers are taken down, many people will run into problems. “It is important to note that the replacement servers will not remove the DNSChanger malware—or other viruses it may have facilitated—from infected computers,” Rasmussen explains in a recent column. “On March 7, 2012 when the deadline arrives, millions of people may not be able to reach their intended Internet destinations.”
There is a chance the court order could be extended, but some say there is no time like the present to essentially force the users to resolve the issues and clean infected systems from the DNSChanger malware entirely. A report from earlier this month showed that more than half of Fortune 500 companies and Government Agencies are infected With DNSChanger Malware.
More on the DNSChanger aftermath is available here.
