(Second of three parts)

By David Dizon
abs-cbnNews.com
2007 Newsbreak
Investigative Writing Fellow

Authorities have been monitoring certain e-groups or
"societies" that could be behind big, transnational cyber crimes, and these
suspects could be your tech-savvy neighbors or seatmates at an Internet
café.

Online identity thieves, who used to prefer working
alone, have in recent years begun organizing as criminal syndicates, usually in
connivance with foreign hacker groups, according to Alex Ramos, a computer
forensics specialist of the Philippine National Police.

"They don’t fit the typical profile of a criminal.
They’re not neglected. Some do it for the fun of hacking and earning a little
something. There is also a group of crackers, college boys, who only focus on
getting credit card information," Ramos says. Some members being enticed to join
these societies are as young as 14 years old, he says.

Alex Ramos, a computer forensics specialist of the Philippine
National Police.One of the earliest monitoring
of hackers’ groups that Ramos conducted started in 1999. It led to some minor
arrests, but the core of the syndicate—run by foreigners, in turned out—was
busted only in 2007.

It turned out, too, that the crime was affecting
telecommunications networks worldwide, and would be the biggest to be thwarted
by local authorities since the E-Commerce Law was passed in 2000. Ramos earned
for it the 2007 Timothy Fidel Memorial Award from organizers of the Computer
Enterprise Investigations Conference.

Unwitting teen-agers

Ramos says the syndicate committed phreaking, which
exploited security loopholes to obtain free access to telephone calls at the
expense of customers of the Philippine Long Distant Telephone (PLDT). The
process involves using a "war dialer" to call different phone numbers and then
guessing the pincodes to those numbers in order to freely access the system to
make long distance calls.

Foreign law enforcers contacted the Philippine
government in 2001 about an upsurge in online anomalies hitting foreign
telecoms. "These telecoms had been monitoring the increase in unauthorized calls
and they made a projection that if this thing continued to happen at that rate,
there would be denial of service. No one in the Philippines would be able to
call anyone in the US," he recalls.

Related Story
• Password thieves
prey on Pinoy Internet users

Ramos said the first police raid concerning phreaking
didn’t make the news in 2001 because it involved minors. It was a rude awakening
for local law enforcement after seeing that children were being used unwittingly
to commit cyber crimes.

"We used 200 men—SWAT, PNP, NBI—all fully armed
because we didn’t know what we were up against. Even the house was located at a
known hotspot of criminal activity. And then when we raided the house, we
couldn’t file a case against the suspects; they were 14-year-old kids. In the
list of the hottest phreakers in the country, they were at the top," he says.

Foreign mastermind

After questioning the teenagers, Ramos was convinced
that the children were unwitting accomplices of a foreign mastermind. "They
didn’t know that what they were doing was illegal. All they knew was they were
given instructions to punch these numbers in the computer. They weren’t even
paid. It was just for kicks."

Ramos says it was the absence of the money trail that
bewildered law enforcement at first. Foreign law enforcers would later reveal
that the syndicate was wiring money to local hackers in the Philippines to
continue the phreaking operation.

Police made subsequent raids against suspected
syndicate members in the following years, but it was in March 2007 that the
police was able to dismantle the core group. Twenty-four Jordanian nationals of
Palestinian descent and seven Filipinos were arrested in separate raids in
Caloocan, Valenzuela, Parañaque, and Las Piñas.

Ramos says telecom companies lost an estimated $350
million in stolen revenue as a result of the phreaking syndicate. He says police
investigation of the phreaking case is still ongoing. "We know it is being done
by a foreign group. There are still phreaking activities happening here but
they’re minor, it’s not as big as before," he says.

Police said there are at least 100 Manila-based
hackers in the phreaking syndicate composed of Filipinos, Palestinian-Jordanian
nationals, Pakistani nationals, and Italians with Middle East origins.

Bad for e-commerce

Abe Olandres, a tech blogger, says one security
threat that law enforcers should focus on is the stealing of passwords and
credit card information from online users. This, he says, is the reason why
e-commerce rollout in the Philippines remains slow.

YES Limited, a Hong Kong-based IT company launched in
2003, was victimized by credit card fraud, which led to the arrests of several
suspects. YES Limited allows overseas Filipinos to send money to their loved
ones in the Philippines by creating an online account in their Yespinoy.com
website, which is then topped up with funds from a credit card. The relative of
the overseas Filipino can withdraw the money using a Smart Money ATM card.

YES Limited monitored that a number of Yespinoy.com
members were sending money to just one account. Money from the account was later
withdrawn from an ATM in Quezon City. When contacted, the Yespinoy members
denied sending any money to the account, while others denied registering for
membership in the site.

The company contacted the National Bureau of
Investigation (NBI), which conducted an entrapment operation, netting two
suspected credit card fraudsters using stolen account information.

Olandres says www.godaddy.com, an Internet domain registration site, refused to service the
Philippines four years ago because of the high incidence of credit card fraud
and malicious attacks by local hackers. He said the site had to resort to manual
checking of users who wanted to register domains.

Private help needed

He says that while the E-Commerce Law was passed in
2001, none of the proposed bills on cybercrime have moved. "Congress has to act
quickly because computer crimes are becoming more complicated. It’s
counterproductive to have all this progress without the legislation needed to
protect online users," he says.

Ramos says there is also a need to equip law
enforcers to go after cyber criminals. He says only a few units under the PNP
and NBI are dedicated to fighting computer crime.

"You cannot centralize the skills, the knowledge. We
have to spread the knowledge about how cyber crime works. That way, people would
be able to see when it’s happening and report it," he explains.

He also lauds the private sector, particularly the IT
community, for helping law enforcers in pursuing criminals in cyberspace.

"Government does not have all the resources and
skills. That is why it is a must that we work together with the private sector.
We have to build a network of friends in the IT industry and we need an
organized system that would help in the free flow of information between the
private sector and the government units handling cyber crime," he says.

-------
This special report was produced under the 2007 Newsbreak Investigative
Reporting Fellowship Program, a component of the Media, Democracy and
Development Program of the United Nations Democracy Fund.