Major Executive Speeches

blue space bar

FBI Seal

Gordon M. Snow
Assistant Director
Federal Bureau of Investigation

Operation Trident BreACH News Briefing
FBI HeadquartersWashington, D.C.

October 1, 2010

Good afternoon. I’m Gordon Snow, assistant director of the FBI’s Cyber Division.

The American people are well aware of the fact that threats to U.S. cyber security transcend our borders. Criminal cyber threats emanate from throughout the world and affect Americans in every state and territory. The cyber criminal threat is difficult to describe and ranges from lone actors to highly organized enterprises. Threat actors and groups vary in capability, but their motive is often financial.

Therefore, the only way to effectively fight these criminal groups is for U.S. law enforcement agencies to partner with their domestic and foreign counterparts and with the private sector. The President’s National Strategy to Secure Cyberspace calls for the Department of Justice and the FBI to take a leadership role in the effort to investigate and prosecute cybercrime. The FBI takes this mission seriously and has engaged our partners through the following three main initiatives:

For more than six decades, the FBI has stationed special agents and support personnel in U.S. Embassies and Consulates throughout the world. Today, FBI legal attachés are in 75 countries, where they help protect Americans back home by building relationships with foreign law enforcement agencies. The FBI has begun the process of adding permanent cyber investigative personnel to the FBI team in many key countries. This has enhanced our ability to address the international cyber threat.

The FBI is collaborating with the private sector through numerous partnerships. This includes the National Cyber Forensics and Training Alliance in Pittsburgh, Pennsylvania; the Intellectual Property Rights Center in Arlington, Virginia; and InfraGard chapters throughout the country. These relationships benefit all parties through training opportunities, intelligence sharing, and case referrals.

The FBI is also collaborating with other federal, state, and local law enforcement agencies through a network of 53 FBI-led Cyber Crime Task Forces. Similar to the Joint Terrorism Task Forces that are in every FBI field office, the Cyber Crime Task Forces are positioned to leverage the capability and expertise of the participating agencies in combination with the geographic reach of the FBI’s 456 domestic field offices and resident agencies.

By fusing these capabilities, the FBI and our partners are positioned to bring justice to bear upon international cyber criminals. It is for this reason that we are gathered; to share today’s success on this, the first day of National Cyber Security Awareness Month.

Today marks the successful conclusion of Operation Trident BreACH. This investigation targeted a cyber criminal enterprise engaged in creating and disseminating malicious code, computer intrusion, bank account takeover, theft, and money laundering.

Over the past several days, authorities in the U.S., the Netherlands, Ukraine, and the United Kingdom undertook coordinated investigative and enforcement actions. In total, this investigation generated 16 search warrants and 39 combined targeted arrests.

The Zeus bot was a significant instrumentality of this crime. Zeus is a trojan that allowed hackers to target small- to medium-sized businesses, churches, municipalities, and individuals. The trojan was transmitted to the victim in a phishing e-mail. Once installed, the trojan harvested online banking usernames and passwords, which allowed the criminals to take over the bank accounts and steal funds. Stolen funds were routed to mules who, in turn, moved the funds out of the country.

Trident BreACH is one of the FBI Cyber Division’s most significant international criminal cases to date. While the financial loss is notable, the geographic scope of the conspirators, and technical sophistication of their operation, made them difficult to investigate and disrupt. This syndicate represented a widespread chronic threat to the banking system for nearly two years.

FBI’s Omaha Field Office originated the case over 18 months ago. Connections were made to the New York Field Office investigation of a money mule network and another significant investigation by the Newark Field Office. There are over 390 pending and closed victim cases attributed to this criminal network in field offices throughout the U.S. This case identified attempted thefts of $220 million, with an actual documented U.S. loss of $70 million.

This case demonstrates that international cyber criminals are not beyond the reach of law enforcement. The FBI, working cooperatively with our domestic and foreign partners, will aggressively seek to identify, disrupt, and dismantle criminal syndicates wherever they exist.

Disrupting a cyber criminal enterprise demands technical acuity and dedication from a large and diverse team of agents, task force officers, analysts, computer forensics experts, and support staff. I’d like to acknowledge those efforts:

Participating agencies in the Cyber Crime Task Forces in Omaha and Newark and the Money Mule Working Group in New York made significant contributions to the investigation.

Our law enforcement counterparts in the Netherlands, Ukraine, and the United Kingdom worked side-by-side with us, and we thank them for their indispensible cooperation and partnership.

So, too, did numerous security researchers, private sector companies, and universities; they showed extraordinary efforts in fighting this threat and provided valuable intelligence and analysis to assist our work.

A panel of special agents involved in this investigation has been assembled to provide details of the fraud scheme and answer specific questions.

Thank you.

Executive Speeches | Press Room Home