Today’s Historic Hack reminds us that security must cover entire operations from the ground up within organizations. Hacks can occur through other methods than the typical digital communications that we are used to hearing about in headlines. Physical and telecommunication efforts must also be protected. Today in Historic Hacks, the case of Vladimir Levin is shown as a great example of why security must be all-encompassing.
In 1995, Vladimir Levin shocked authorities when he re-routed $10 million dollars out of unsuspecting Citibank accounts. What’s unique about Levin is the fact that he accomplished this criminal feat without using the internet. Levin stole millions of dollars by hacking into telephone systems to overhear customers reveal sensitive information like account numbers, PINs, and verification information like social security numbers, dates of birth, and passwords. Leven then dialed in the numbers he listened in on to move money from the rightful accounts to place it in bank accounts around the world.
Levin, a computer programmer from St. Petersburg, Russia, was not alone in his criminal deeds. According to Cyber World Fraud, Levin was working as a systems administrator for AO Saturn, a St. Petersburg trading company when he met a former bus driver who had relocated to San Francisco to become an entrepreneur.
Cyber World Fraud writes that “Levin allegedly told his new friend he had found out how to wire-transfer money out of the bank’s computer system. Twice already, he allegedly bragged, he had squirreled substantial amounts into his own account in Finland. Court documents say Levin’s colleague became a partner in what would become a multinational hacker ring.”
A few weeks later, Levin began withdrawing $400,000 increments out of Citibank accounts. Citibank later reported that Levin was able to access the fund through the company’s telephone cash management system, a system that was neither protected nor encrypted. He used valid account information and simply made the transfers. Levin accomplished a good old-fashioned bank robbery but without a gun, mask, note, or hostages. The theft was a robbery for the history books in the early days of the technological era.
Dial 9 for justice
However clever the crime, Levin and his accomplices were soon caught. Three of Levin’s associates were arrested for a separate crime for attempting to withdraw money from banks in San Francisco, Rotterdam, and Tel Aviv. Upon questioning, the three divulged information regarding Levin and their earlier theft, and Levin was subsequently arrested by Scotland Yard in 1995.
In 1997 Levin was extradited to the United States and tried in New York. He confessed to carrying out numerous crimes including conspiracy to defraud and the theft of $3.7 million. In the end, all but $400,000 was recovered. The Wall Street Journal states that Levin was sentenced to three years in prison and was ordered to repay $240,000 to Citibank.
Since Levin’s fraud, banks have implemented additional security features to safeguard all access points within the banking structure. Levin was a pioneer in new technology fraud and deception. This historic hack’s notability depended on the creativity and innovation of the criminals involved and stands as a testament for all-inclusive security for any organization. From secure door locks to encrypted data, organizations and businesses are forced to stay one step ahead of the bad guys.
This article was brought to you by VPS.net, for dedicated server hosting, cloud servers and 24/7 support visit our site here vps.net