Skip to main content

FBI warns U.S. businesses of new Chinese cybercrime scheme

By Terry Frieden, CNN Justice Producer
The FBI is warning U.S. businesses about a cybercrime scheme emanating from a remote area of China.
The FBI is warning U.S. businesses about a cybercrime scheme emanating from a remote area of China.
  • The FBI warns U.S. businesses of cybercrime involving a remote corner of China
  • Millions of dollars have fraudulently gone from U.S. companies to Chinese firms
  • At least $11 million in wire transfers has gone to remote Heilongjiang province

Washington (CNN) -- FBI agents combating international cybercrime are currently battling hackers on two new fronts -- from a remote corner of China to the virtual battlefields of "Call of Duty" emanating from the family playroom.

On the international stage, FBI cybersleuths have informed U.S. businesses that millions of dollars have been fraudulently wired from business accounts in U.S. banks to banks in a remote coastal region of China near the Russian border.

The FBI says apparently legitimately licensed Chinese economic and trade companies have successfully stolen at least $11 million dollars in a series of wire transfers to Heilongjiang province.

U.S. experts don't quite know what to make of the scam that has surfaced 20 times in the past year. But it is increasing in frequency to the point the FBI has declared the problem a "trend." In this investigation agents have discovered Chinese efforts to defraud U.S. businesses of about $20 million.

The fraud scheme prompted the FBI's Internet Crime Complaint Center to disclose the case and issue an unusually detailed description of the problem they confront.

"It is unknown who is behind these unauthorized transfers, if the Chinese accounts were the final transfer destination or if the funds were transferred elsewhere, or why legitimate companies received the unauthorized funds," the center disclosed in its "fraud alert."

Law enforcement officials say the targeted businesses generally have accounts at local community banks and credit unions. The cybercriminals gain access through compromising the computer of an unsuspecting company employee.

The FBI advised U.S. banks to notify their business customers of any suspicious wire activity going to any of these Chinese port cities: Raohe, Fuyuan, Jixi City, Xunke, Tongjiang, and Dongning.

Meanwhile, U.S. authorities are working with Sony officials to investigate the huge hacking case in which personal data of an estimated 77 million players of Sony PlayStation games may have been compromised.

Officials at Sony now acknowledge names, e-mail addresses, passwords, logins and security questions could have been compromised. It is unknown to what extent credit-card information may have been accessed, officials said.

"We are presently reviewing the available information in an effort to determine the facts and circumstances concerning this alleged criminal activity," said the FBI field office in San Diego.

Word of these computer intrusions comes as the Justice Department inspector general issued a report giving the FBI a mixed report card on its ability to address the National Security cyberintrusion threat.

The report credited the FBI with "some operational successes in mitigating cyber threats against the United States."

However, the report said the National Cyber Investigative Joint Task Force led by the FBI "needs to continue to improve its capabilities to combat cyber attacks," and "was not always sharing information about cyber threats among the partner agencies."

Investigators for Inspector General Glenn Fine also interviewed a small number of cyberinvestigators at 10 of the FBI's 54 field offices. Of 36 agents interviewed, 13 acknowledged they did not have the entire skill set recommended for dealing with National Security computer intrusions.

Despite the small sampling, the ranking Republican on the Senate Homeland Security Committee said, "It is so troubling that the federal government has not adequately trained its cyber professionals to combat these threats." Sen. Susan Collins of Maine noted the report indicated "about one third of the FBI's cyberinvestigative squads surveyed lacked the forensic and analytical expertise to adequately investigate intrusions."

FBI Associate Deputy Director T.J. Harrington defended the bureau's actions.

"Indeed, the report reflects that the FBI completed the vast majority (20 out of 22) milestones that were set to be accomplished by March, 2010," he said. Harrington said the FBI had revised its policy of frequently rotating cyberagents, which would resolve issues the inspector general had raised.

All parties agreed that the number of cyberintrusions continues to grow and represents a massive challenge.

The number of incidents of unauthorized access to U.S. government computers has grown from 2,172 in 2006 to 3,928 in 2007 to 5,499 in 2008. That is the latest publicly available figure. Several thousand annually are considered to have potential national security implications.