This is the article Winn Schwartau cited to last night: ---------- The Sunday Times (London), June 2, 1996, pp. 1, 24. City surrenders to L400m gangs [Insight column] City of London financial institutions have paid huge sums to international gangs of sophisticated "cyber terrorists" who have amassed up to L400m worldwide by threatening to wipe out computer systems. Banks, broking firms and investment houses in America have also secretly paid ransom to prevent costly computer meltdown and a collapse in confidence among their customers, according to sources in Whitehall and Washington. An Insight investigation has established that British and American agencies are examining more than 40 "attacks" on financial institutions in London and New York since 1993. Victims have paid up to L13m a time after the blackmailers demonstrated their ability to bnng trading to a halt using advanced "information warfare" techniques learnt from the military. According to the American National Security Agency (NSA), they have penetrated computer systems using "logic bombs" (coded devices that can be remotely detonated), electromagnetic pulses and "high emission radio frequency guns", which blow a devastating electronic "wind" through a computer system. They have also left encrypted threats at the highest security levels, reading: "Now do you believe we can destroy your computers?" The authorities have been unable to stem the attacks, which are thought to onginate from the United States. In most cases, victim banks have failed to notify the police. "They have given in to blackmail rather than risk a collapse in confidence in their security systems," said a security director at one blue-chip merchant bank in the City. A senior detective in the City of London police said: "We are aware of the extortion methods, but the banking community has ways of dealing with it and rarely reports to the police." European and American police forces have set up special units to tackle the cyber criminals, who, Ministry of Defence sources believe, have netted between L200m and L400m globally over the past three years. But law enforcement agencies complain that senior financiers have closed ranks and are hindering inquiries. Experts in the field of information warfare met in Brussels last month to discuss defensive measures. Representatives included Captain Patrick Tyrrell, assistant director of computer information strategy at the Ministry of Defence; General James McCarthy, professor of national security at the US Air Force Academy; General Jean Pichot-Duclos, director of the economic intelligence department of the French Defence Council, and senior figures from the civilian computer industries. A separate closed meeting involving representatives from Whitehall and the intelligence community was held to analyse the 40 attacks on British and American financial centres since 1993. A further secret seminar took place in Washington this weekend. Kroll Associates, the international investigating firm, confirmed last week that it had acted for financial institutions that have been blackmailed. "One of the problems we face is that the potential embarrassment from loss of face is very senous," said a spokesman in New York. Kroll had evidence that firms in London and New York had been targeted. "The problem for law enforcement is that the crime is carried out globally, but law enforcement stops at the frontier," he said. Yesterday a Bank of England spokesman acknowleged the threat from the extortionists: "We are aware of this. It does exist. It is extortion and fraud." But the spokesman also insisted: "It is not the biggest issue in the banking market." Scotland Yard is now taking part in a Europe-wide initiative to catch the cyber criminals and has appointed a senior detective from its computer crime unit to take part in an operation codenamed Lathe Gambit. Such is the secrecy that few details about the inquiry have emerged. In America, the FBI has set up three separate units to investigate computer extortion. The NSA believes there are four cyber gangs and has evidence that at least one is based in Russia. The agency is now examining four examples of blackmail said to have occurred in London: + January 6, 1993: Trading halted at a broking house after blackmail threat and computer crash. Ransom of L10m paid to account in Zurich. + January 14, 1993: a blue-chip bank paid L12.5m after blackmail threats. + January 29, 1993: a broking house paid L10m in ransom after similar threats. + March 17, 1995: a defence firm paid L10m in ransom. In all four incidents, the gangs made threats to senior directors and demonstrated that they had the capacity to crash a computer system. Each victim conceded to the blackmailers' demands within hours and tranferred the money to offshore bank accounts, from which it was removed by the gangs within minutes. The techniques have varied. In London, criminals posing as marketing firms have gained detailed knowledge of a target's system by interviewing the heads of information technology departments. In some cases, they have even issued questionnaires to unsuspecting officials. Armed with this information, they have been able to breach security and leave encrypted messages warning of their capability. The gangs are believed to have gained expertise in information warfare techniques from the American military, which is developing "weapons" that can disable or destroy computer hardware. Some are also known to have infiltrated banks simply by placing saboteurs on their payroll as temporary staff. Little is yet known about the identities of the gangs but, according to the NSA, America is the main source of the attacks. It believes that at least one other group originates from Russia and has followed the movement of money to the former Soviet states. A spokesman for the Metropoiitan poiice said: "There is potential for extortion from those purporting to know how to damage computer systems. "The computer crime unit liaises where necessary with its Euro counterparts to discuss cross-frontier crimes." One merchant bank director said yesterday: "You will never get a financial institution to admit it has an extortion policy, let alone that it has paid money to blackmailers." ----- Additional reporting: Peter Warren [End]