The National Crime Agency (NCA) has arrested 56 suspected hackers in 25 separate operations this week in a bid to apprehend people believed to be behind denial-of-service attacks, data theft, fraud and virus writing.
The NCA also took the unusual step this week of visiting 70 companies to warn them that their servers are vulnerable to attack and could be compromised to either send spam or to act as springboards for attacks on other organisations’ IT infrastructure.
The BBC – whose reporters accompanied police on one of the raids – claims that alleged members of hacking groups Lizard Squad and D33Ds Company are among the suspects.
One of the people arrested in the raids is a man suspected of involvement in a 2012 attack on web company Yahoo. D33Ds is believed to have been behind the attack on Yahoo’s Ymail service, which resulted in the theft of some 400,000 email addresses and accompanying passwords. The police have reportedly been working partly with information provided by the US Federal Bureau of Investigation.
BBC technology correspondent Rory Cellan-Jones joined the NCA in one of its swoops – a 21-year-old student arrested at a flat in North London.
“The arrest had some of the drama of a classic police operation,” wrote Cellan-Jones on the BBC website. “‘Go! Go! Go,’ came the command over the walkie-talkie as we approached the suspect’s flat. But no doors were kicked in, and there were no shouts of ‘You’re nicked!’
“The priority was to make sure any computers were seized before they could be shut down or their data encrypted. Teams arrived with equipment to gather data, and found a laptop and a desktop computer, both of them online.
“One officer was employed simply keeping her finger on the laptop’s trackpad to make sure it didn’t go to sleep. Later, police cyber-specialists would spend many hours examining exactly what was on the two computers.”
Police investigators will need to follow strict procedures in order to make sure cyber forensics do not contaminate any evidence that may – or may not – reside on suspects’ computers. Failure to follow the procedures to the letter could result in the cases being thrown out of court if the suspects are charged.