Cutting Telecom Fraud May Impede Terrorists

By Frances Feld, CAE

The fight against telecommunications

fraud is not solely about staving off substantial revenue losses - $35 billion to $40 billion, according the Communications Fraud Control Association’s 2003 survey of carriers in 26 countries. It also is about preventing telephone companies from being unwitting accessories to crimes and terrorism.

If it were possible to stop telecom fraud tomorrow, many criminals and terrorists would find their anonymous communications for planning, funding, recruiting and procuring supplies severely restricted. The tighter and faster the clamps on subscription fraud, the more exposed are those who require anonymity.

This is not a plea for greater governmental surveillance. That complex matter will be debated in other venues. But the sharp point of government’s sword must have enough power - in the hands of law-abiding enforcement officers - to rapidly pin down the criminal. Wiretapping rightfully raises some warning flags, but it remains a powerful lawenforcement tool for stopping the myriad subsequent crimes that stolen phone time enables. The enemy is no glibly identifiable demographic group.

It is a perilous combination of technical capability and malicious mindset. In the late 1990s, hackers broke into Massachusetts phone systems to disconnect an airport control tower. Another jammed emergency 911 phone lines in Florida. There was no political or monetary gain. These vandals knowingly put human lives at risk for cyber-glory among peers.

HOW DOES THE CRIMINAL NET WORK?

What terrorist would coordinate his work from a home or cell phone he obtained using his own name, driver’s license, address and Social Security number? Obviously, the answer is none. So identity theft is one way a terrorist can establish anonymous phone service he can use for harmful ends. The new identity, now backed by a phone number, enables the subsequent crime of credit-card fraud for lodging, transport and supplies.

In a presentation for a 2000 symposium, Dr. Peter Grabowsky of the Australian Institute of Criminology called PBX/PABX hijacking “a major criminal industry.”

“Information technology,” he said, “has begun to provide criminal opportunities of which Willie Sutton would never have dreamed.” Those opportunities have proved to be equally clear to domestic terrorists, Al Qaeda and organized crime.

The fraudster may be a simple reseller of time hijacked from a local PBX. Hired hackers, for example, once broke into AT&T Corp., GTE, Sprint Corp. and other carriers to harvest calling-card numbers that eventually were sold to organized crime in Italy. The FBI estimated these phone companies were robbed of $2 million in calls. This estimate does not include the incalculable cost of havoc wreaked as a result of anonymous phone time used by criminals or Italian terrorist cells.

Sometimes the fraudsters are themselves terrorists: In the summer of 2002, The Detroit Free Press reported four men arrested that year were members of a “sleeper combat cell that conspired to help plot terrorist attacks.” A fifth conspirator “Abdella,” an expert in the fraudulent use of telephone calling cards, remains at large. More recently, London’s Telegraph newspaper reported that terrorists responsible for Madrid’s March 11 train attacks “used stolen telephone and credit cards for communications back to Pakistan, Afghanistan, Lebanon, etc.”

With the help of diligent carriers, such perpetrators can be stymied. In Brazil, for example, electronics store owner Mohammed Hassan Atwi was arrested in 2002 for selling calls from his clandestine switch. The collar was made possible through the aid of Cliff Jordan, manager of fraud control prevention at Embratel SA, who worked with the Brazilian federal police. Atwi is suspected of paying extortion money to convicted mobster-terrorist Assad Amad Barakat who ran the Lebanese mafia in the tri-border area of Argentina, Brazil and Paraguay. When Interpol raided Barakat’s residence in Ciudad del Este, Paraguay, they found pro-terrorist pamphlets, training videos and bank records showing Barakat had transferred $50 million to Hezbollah. Atwi’s phone fraud proceeds are believed to have been funneled through Barakat to fund Hezbollah’s work.

Even before the Sept. 11, 2001, attacks on the United States, Embratel’s Jordan reports his team fought rising fraudulent call volumes to Saudi Arabia, Iraq, Iran, Lebanon, Kenya, India, Pakistan and Bangladesh. “We knew they were selling our stolen network time to buy drugs for resale and to coordinate illegal arms traffic,” says Jordan. Immediately after 9/11, Brazilian federal police asked Embratel and competitor Intelig for help, Jordan says. He said police response time on phone fraud busts dropped from three weeks to two hours. These “telecom fraudsters” primarily were terrorists, funders of terrorism and drug traffickers. Accordingly, arresting them for telecom fraud choked off related crimes.

WHERE’S THE BUDGET?

Just when telco security budgets should be increased, many are shrinking. Some carriers willingly “live with” a certain amount of fraud because “it’s too expensive to stop the rest.” There are two problems with that view. One, the remaining fraud problem may seem small precisely because those carriers do not have the resources to know how much red ink is bleeding from veins they do not know are cut. And, two, it is now more clear there is a public safety aspect to squelching phone fraud; the remaining decimal points of stolen time might be the hours used by terrorists.

Strangling those apparent “last few hundredths of a percent” may catch more fraudsters than carriers suspect are hiding in their network. Considering ROI alone, the money saved may well justify replenishing security budgets.

Stiffer penalties also may be a deterrent. Cybercrime penalties are often greater because they can be far more expensive than other white-collar crimes. In Georgia, for example, computer crimes carry up to 15 years incarceration and a $50,000 fine, while in Minnesota first-degree cellular counterfeiting may draw a maximum of five years and a $10,000  fine. If telephone fraud can be classified more often as cybercrime to invoke tougher laws, perhaps fewer opportunists will take up telecom fraud.

Widening the usual definition of “data” - as defined in anti-computer-hacking laws - to include telephone signals is well justified empirically; the common denominators between voice and alphanumeric text outweigh distinctions. Emotionally, however, it is more unsettling to many for lawmakers to enable access to voice communications than to financial records or even e-mail.

Civil liberty concerns arise, but I believe they can be overcome with proper safeguards.

As with many laws, sentencing bodies would need to draw a distinction between a precocious adolescent out to impress misguided friends, versus a money-motivated criminal, versus a knowing and malicious terrorist.

Many foreign governments are taking up the charge. Brazil’s police developed an immediate response time to phone fraud after 9/11. The Associated Press reports that, after Daniel Pearl’s assassination, a Pakistani security agency launched a special wing to combat cyber crimes partially because local agencies were unable to trace emails from Pearl’s kidnappers without help from U.S. investigators.

Despite these commendable efforts, no government has the resources to pursue every instance. The U.S. Department of Justice in 2002 investigated 814 computer intrusions or hackers, but their pending list contained 1,956.

WHAT CAN BE DONE?

Slowing any crime involves public education.

Today, in many circles, it’s a winking crime to use stolen telephone time. Instead, stealing telephone time should be associated in the public’s mind with crimes that accompany it, including terrorism. The same fraudster who sells stolen time to a rowdy teenager will sell the next hour to a militant racist.

Police departments and private anti-drug groups give lectures in schools and set up educational kiosks at fairs or malls. Many carriers also have invested in consumer fraud awareness campaigns that have included bill inserts, newspaper, radio, television and special sections on their Web sites that inform consumers of the latest scams.

To fill the information gap, CFCA provides educational resources and conferences to equip carriers and law enforcement organizations to identify illegal long-distance storefronts and other telecom thieves. The CFCA’s educational conferences have addressed topics that range from identifying fraudulent calling patterns through billing anomalies, neural network technology and SS7 driven fraud systems. Some educational sessions aid carriers and law enforcement in capturing and presenting specific Title 18 violations for criminal prosecution of fraudsters.

Improved cross-border information sharing also could help. In May 2004, when ministers for justice and home affairs of the G8 - Japan, Russia, United Kingdom, France, Italy, Germany, United States and Canada - met in Washington D.C., they focused on the need for cooperation and intelligence- sharing to tackle international terrorism, organized crime and corruption. British Home Office Minister Hazel Blears said, “Close cooperation is vital if we are to succeed against those people who seek to destroy our freedoms and way of life.” Recommendations included “improved cross-border sharing of intelligence information to prevent and disrupt terrorist activities.”

In this capacity, CFCA also seeks to help carriers cross competitive barriers that sometimes arise. Its memberships, continuing professional education and certification are open to industry professionals. Members-only sections of the CFCA Web site, weekly Fraud Alerts, conferences and meetings give telecom carriers an open and non-competitive venueand the newest tools and strategies-for secure “crossborder sharing of intelligence.”