Firms warned they may be targets of Trojan spies

UK businesses should take urgent steps to check their systems are secure, police have warned after discovering one of the world's largest industrial espionage and hacking operations.

UK businesses should take urgent steps to check their systems are secure, police have warned after discovering one of the world's largest industrial espionage and hacking operations.

Senior directors of at least 15 leading businesses in Israel are under investigation for hiring private detective agencies to obtain confidential documents from rivals' computer systems.

Operation Horse Race, an international investigation by police in Israel, Germany, the US and the UK, has led to the arrest of 22 suspects in Israel and London.

But the spying operation, which went undetected for two years, may just be the tip of the iceberg.

The head of Israel's banking authorities has told financial institutions to check their systems, and Israeli police said firms in the UK and US may have been targeted.

Israeli investigators believe Michael Haephrati, the London-based computer specialist at the centre of the spying operation, may have sold his services to investigative agencies in London.

Haephrati is accused of supplying a sophisticated Trojan horse program capable of giving hackers access to computer systems to recover confidential documents and data.

He was arrested with his wife Ruth, also a computer consultant, in London, following a raid by the UK's National Hi-Tech Crime Unit. The pair have been remanded in custody until the end of June and could face extradition to Israel.

Superintendent Pearl Liat of the Israeli police told Computer Weekly, "We know Haephrati worked abroad. We assume that if he sold this Trojan horse to private investigators in Israel, he also offered to it companies abroad. That is why we have involved through Interpol the police in London, Germany and the US."

Businesses targeted in Israel have suffered serious financial damage, after private detective agencies working with Haephrati allegedly stole copies of marketing plans, employee pay slips business plans, and details of new products from their computer systems to pass on to rivals.

Israeli investigators have recovered thousands of pages of confidential documents, posted by the Trojan to servers in the US, Israel and Germany.

"We are talking about 10 to 11Gbytes of material on different servers," chief inspector Nir Nativ said on Israeli TV.

Analyst firm Gartner said that with UK firms being potential targets, they should take precautions to protect their systems, but there was little they could do against a determined hacker. "There is always going to be someone who is clever enough to design an attack that can evade control mechanisms," said vice-president and director of research Jay Heiser.

Denise Plumpton, chairman of the Corporate IT Forum, said IT departments should ensure their organisations stay one step ahead of the hackers.

"This may help CIOs get the board's attention, but it is far better if they can get it considered by the board as regular review, in much the same way that companies have regular financial reviews," she said.

Brian Collins, vice-president of the British Computer Society and former global CIO at law firm Clifford Chance, said the Trojan was "a safe-breaking kit". "Intellectual property is one of the things we have in this country, and this thing steals it," he said.

Royal Mail director of security David Lacey said the case highlighted the need for proper funding for law enforcement against cybercrime. "It is a growing problem. We have to make sure police authorities are properly trained and funded," he said.

Read more on IT risk management