International Cyber Crime Shows The Vulnerability Of Executive Email Accounts

Robert Westbrook, a UK national, has been charged with orchestrating a multi-million-dollar hack-to-trade fraud scheme. Westbrook allegedly hacked into the email accounts of U.S. company executives.

Westbrook used the confidential information obtained from those accounts to make illegal trades, resulting in over $3 million in profits.

Westbrook faces charges in the United States of securities fraud, wire fraud, and computer fraud. Each charge carries significant penalties, including up to 20 years in prison and substantial fines.

The U.S. Securities and Exchange Commission (SEC) has also filed a civil suit against Westbrook, seeking to impose civil penalties and recover ill-gotten gains. https://www.justice.gov/usao-nj/pr/uk-national-charged-multimillion-dollar-hack-trade-fraud-scheme (Sept. 27, 2024).

Commentary

According to the Department of Justice press release cited above:

From January 2019 through May 2020, Westbrook executed a hack-to-trade scheme through which he generated millions of dollars in profits. On at least five occasions, Westbrook gained unauthorized access to Office365 email accounts belonging to corporate executives employed by certain U.S.-based companies to obtain non-public information, including information about impending earnings announcements. Westbrook then used that information to purchase securities that he sold in short order for substantial profits after the material information became public.  On several occasions, Westbrook implemented auto-forwarding rules designed to automatically forward content from the corporate executives' compromised email accounts to email accounts controlled by Westbrook.  Westbrook generated profits exceeding $3 million dollars through this scheme.

How Westbrook gained access to the accounts is unknown. What is revealed is that Westbrook is accused of using basic functions of Office365, like auto-forwarding, to get the information he needed to profit from stock. 

Profiting from stock is not illegal. Profiting from stock using insider information is illegal, which is why the SEC took an interest. According to the SEC, Westbrook penetrated several companies and went to great lengths to cover up his crimes:

As a result of these hacks, Westbrook deceptively obtained material nonpublic information that he used to trade in the securities of the five public companies prior to the release of at least 14 earnings announcements.

"The SEC is engaged in ongoing efforts to protect markets and investors from the consequences of cyber fraud," said Jorge G. Tenreiro, Acting Chief of the SEC's Crypto Assets and Cyber Unit. "As this case demonstrates, even though Westbrook took multiple steps to conceal his identity – including using anonymous email accounts, VPN services, and utilizing bitcoin – the Commission's advanced data analytics, crypto asset tracing, and technology can uncover fraud even in cases involving sophisticated international hacking." https://www.sec.gov/newsroom/press-releases/2024-153 (Sept. 27, 2024).

There are many takeaways, including the vulnerability of executive email accounts, but also that VPN services and bitcoin can be tracked by the U.S. government. For organizations and executives, it is important to screen devices for malware and to examine the functions of your email, including auto-forwarding rules.
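One way to examine auto-forwarding is to review exported mailbox rules for any that send mail outside the organization. The following is an added example, not part of the original article or the press releases. The field names ForwardTo, ForwardAsAttachmentTo, RedirectTo and ForwardingSmtpAddress follow Exchange Online rule and mailbox properties; the record layout, the "Mailbox" key, and every mailbox, rule name and domain are constructed assumptions.

```python
import re

# Constructed sample shaped like Exchange Online exports: inbox rules
# (ForwardTo / ForwardAsAttachmentTo / RedirectTo) plus one mailbox-level
# ForwardingSmtpAddress record. Every mailbox, rule and domain is made up.
INTERNAL_DOMAINS = {"corp.example"}  # assumption: the tenant's accepted domains
SAMPLE_RECORDS = [
    {"Mailbox": "cfo@corp.example", "Name": "Fwd-1", "Enabled": True,
     "ForwardTo": ['"archive" [SMTP:archive@mail.example.net]']},
    {"Mailbox": "ceo@corp.example", "Name": "Copy assistant", "Enabled": True,
     "ForwardTo": ['"EA" [SMTP:ea@hq.corp.example]']},
    {"Mailbox": "ir@corp.example", "ForwardingSmtpAddress": "smtp:ir-copy@example.org"},
    {"Mailbox": "cfo@corp.example", "Name": "File newsletters", "Enabled": True,
     "MoveToFolder": "Newsletters"},
    {"Mailbox": "gc@corp.example", "Name": "old", "Enabled": False,
     "RedirectTo": ['"gc" [SMTP:GC-Mirror@example.net]']},
]
FORWARD_FIELDS = ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo",
                  "ForwardingSmtpAddress")
ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)")

def external_targets(record, internal_domains):
    """Return the sorted external addresses one rule or mailbox forwards to."""
    found = set()
    for field in FORWARD_FIELDS:
        value = record.get(field) or []
        entries = [value] if isinstance(value, str) else value
        for entry in entries:
            for match in ADDRESS.finditer(entry):
                domain = match.group(1).lower()
                internal = any(domain == d or domain.endswith("." + d)
                               for d in internal_domains)
                if not internal:
                    found.add(match.group(0).lower())
    return sorted(found)

def audit(records, internal_domains=INTERNAL_DOMAINS):
    """List every record that forwards mail outside the organization."""
    findings = []
    for record in records:
        targets = external_targets(record, internal_domains)
        if targets:  # disabled rules are still reported, with enabled=False
            findings.append({"mailbox": record["Mailbox"],
                             "rule": record.get("Name", "(mailbox-level forwarding)"),
                             "enabled": record.get("Enabled", True),
                             "targets": targets})
    return findings
```

Calling `audit(SAMPLE_RECORDS)` reports the three records that forward externally and skips the internal forward and the folder-move rule.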
