Security Experts:

Connect with us

Hi, what are you looking for?



FBI Director Visits Latvia and Estonia to Strengthen Anti-Cybercrime Efforts

FBI Director Pays Visit to Thank Latvian and Estonian Officials for Their Cooperation in Operation Ghost Click, Looks for Future Cooperation

FBI Director Pays Visit to Thank Latvian and Estonian Officials for Their Cooperation in Operation Ghost Click, Looks for Future Cooperation

Earlier this week, FBI Director Robert Mueller visited Latvia and Estonia in an effort to strengthen the FBI’s partnerships with the countries, and to thank Estonian Interior Minister Ken-Marti Vaher and Justice Minister Kristen Michal, as well as other authorities, for their cooperation with the FBI on recent international efforts to combat cybercrime.

During his visit, Mueller presented a plaque to the Police and Border Guard Board’s Criminal Police Department’s Second Division as a token of appreciation and thanks for their involvement in “Operation Ghost Click”, an international operation that disrupted a massive cybercrime scheme that infected more than four million computers with malware, and generated an estimated $14 million for a group of cybercriminals over a period of several years.

Photo of the meeting (Photo: Valdek Laur, Ministry of Justice)The announcement of the crackdown came in November 2011, following a two-year investigation of a cybercriminal gang based in Estonia, and resulted in the arrest of six of individuals in Estonia by Estonian authorities.

Following such a success, Mueller confirmed the FBI’s continued commitment to working with Estonia to combat cybercrime, the American Embassy in Tallinn said.

“The Director’s visit underscores the great appreciation we have for our Estonian counterparts,” said U.S. Ambassador Michael C. Polt in a statement. “The superb cooperation we have is only possible because of an atmosphere of mutual respect and trust. We are delighted that our FBI Director could come to Estonia to relay that sentiment in person and to encourage future joint efforts in combating international criminal activity.”

In Latvia, Director Mueller met with Latvia’s Prime Minister, Valdis Dombrovskis and other government leaders, and presented two plaques to Latvian enforcement entities for their efforts to combat cybercrime. Latvian authorities were also thanked for their part in Operation Ghost Click.

“I value the co-operation between our countries most highly and hope that it will continue as productively in the future,” said Justice Minister Kristen Michal. “In today’s world, crime knows no boundaries and such cooperation is especially essential in fighting cyber crime.”

The cybercriminals arrested in conjunction with Operation Ghost Click had been controlling a botnet that infected millions of computers with “DNSChanger” malware and over several years generated tens of millions of dollars in ill-gained profits.

While Operation Ghost click was a major success story, some problems still linger. According to Rod Rasumussen, President and CTO at IID, “Millions of these machines remain infected and there is a very real ‘deadline’ looming when a judicial order that is helping keep these infected computers working runs out.”

Following the bust, the FBI coordinated the setup of temporary DNS servers to keep the Internet “working” for systems infected with the DNSChanger malware. The key here is “temporary”, and when the supporting DNS Servers are taken down, many people will run into problems. “It is important to note that the replacement servers will not remove the DNSChanger malware—or other viruses it may have facilitated—from infected computers,” Rasmussen explains in a recent column. “On March 7, 2012 when the deadline arrives, millions of people may not be able to reach their intended Internet destinations.”

There is a chance the court order could be extended, but some say there is no time like the present to essentially force the users to resolve the issues and clean infected systems from the DNSChanger malware entirely. A report from earlier this month  showed that more than half of Fortune 500 companies and Government Agencies are infected With DNSChanger Malware.

More on the DNSChanger aftermath is available here.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.