South African cyber crook turns into cyber sleuth for hire

The story of Alistair Peterson reminds me of "Catch Me If You Can", the Spielberg movie starring Leonardo DiCaprio and Tom Hanks. Frank Abagnale, the protagonist played by DiCaprio, is a young man that uses his genius and total lack of scruples to scam airlines, banks, police and FBI over a multi-year crime spree. When finally caught he turns a new leaf and devotes the rest of his life to fighting crime, particularly check fraud.

Now we have Alistair Peterson, a South African cyber criminal recently released from prison for his crimes as a master mind of a network of mules who provided accounts for him to deposit stolen funds in. He wrote a custom Trojan that stole banking credentials from end users. By the time he was caught (February 2007) he had stashed over $2 million in an account is Swaziland. After serving only six months he has been released thanks in part to the help he has provided to SA law enforcement in stopping other cyber crimes. He even has a company, GooZooLabs, that is fighting cybercrime through software development and forensics work.

From a just published article:

He says getting arrested was the best thing that could have happened to him.

"When I was doing all that nonsense, I was not sleeping. I was constantly restless, knowing the police were going to knock on my door at any moment.

"After I was arrested, I slept like a baby, and going to jail made me realise my interest lies in cyber security."

I say good on him. If he can both repair the damage done and help banks tighten up their security that is all good. In the mean time banks should pay attention to the types of attacks he used and think about counter measures. Do I have to stress once again how important strong authentication is to secure account access?

Check out these solutions: MyOneLogin from TriCipher and GridGuard from GridData Security.