Ercan Findikoglu who had been arrested in Germany in December of 2013 finally was extradited to the United States where last week he was arraigned on charges related to three major cyberattacks on the global financial system. Findikoglu, a Turkish citizen is alleged to be the kingpin of an international gang that hacked into three credit and debit card processors and then manipulated the account data on prepaid debit cards to be dramatically increase the balances. Findikoglu then is alleged to have distributed the stolen debit card information to cohorts around the world who would create cards and then use the phony cards to withdraw money from ATMs around the world. One plot targeted cards issued by JP Morgan Chase, another by the National Bank of Ras Al-Khaimah in the United Arab Emirates and a third plot targeted cards issued by Bank Muscat in Oman. The debit cards of Bank Muscat were distributed to gang members in 24 countries who within a two day period did 36,000 ATM withdrawals totaling 40 million dollars. The total amount stolen through all three bank hacks was 55 million dollars.
The international cooperation involved in this case is good news in the battle against cybercrime which is a crime that knows no borders. Often the type of international cooperation required to effectively combat such cybercrime is lacking in the international community. Hopefully, this case provides an indication of a positive change in the war against cybercrime. Another positive change that is necessary in the battle against cybercrime is greater cooperation between hacked companies and law enforcement and other governmental agencies. To date, Congress has not enacted the legislation necessary to make this happen, but it is expected that in the not too distant future we will see such laws mandating greater disclosure and cooperation between government and business.