Isra-Mart srl : Hackers Caught in $38.5 Million Emission-Rights Theft

www.isra-mart.com

Isra-Mart SRL news:

ATHENS—Europol and Interpol working with European Union member police departments were able to prevent hackers from pocketing €28 million ($38.5 million) from the sale of stolen emission-trading rights, according to senior people directly involved in the matter.

"There was good coordination between Europol, Interpol and EU member police departments this week. Acting quickly within four hours after the emission rights thefts occurred, €28 million in money transfers were blocked," the senior person said.

A carbon-trading system sets a cap on the pollutants companies can emit and then forces heavy polluters to buy credits from companies that pollute less—creating financial incentives to cut emissions.

"The EU companies targeted have not actually suffered the losses and the hackers have not gotten a cent," the person added.

The hackers were based in Romania, the person said, and targeted servers in the countries where they wanted to steal carbon-dioxide credit, using them as robots to penetrate trading systems security and accessing member accounts through corporate systems that weren't well guarded.

"The hackers were very well organized and extremely hard to trace. For instance in Greece, they penetrated the server system of the University of Patras, using it as a Trojan horse using a Greek IP and then hit cement company Halyps. They stole €4 million in credits from the unsuspecting company," the senior person said.

The sophisticated cyber-thieves then sold the stolen emission rights to market participants in countries like the U.K., the Netherlands and Austria, but authorities quickly clamped down on the fund transfers.

"The hackers have been traced and identified. Arrests will be announced in the next few days, and their identities will be revealed," the senior person added.

Trading in carbon dioxide has been suspended in the EU. In Athens, transactions have been stopped since Jan. 19 and won't resume until an independent report is submitted to the European Commission that is deemed to be a satisfactory resolution of potential internet security issues, according to the local Ministry for the Environment, Energy and Climate Change.

"There is no such thing as a full proof computer as long it is connected to a modem. Local Greek companies need to better appreciate the threat and do more to secure their IT systems," said Manolis Sfakianakis, the head of the Cyber Crime Department in Greece.