Saturday, July 10, 2010

As Internet access spreads in the former Soviet Union, so does malicious code.
For all its disadvantages, the former Soviet Union had one hugely overlooked advantage: it kept hackers, crackers, and virus writers confined inside the country by restricting their access to the Internet.

A decade later, Internet penetration is booming in the region, particularly in Russia, and viruses are epidemic. In fact, Russians are linked to some of the nastiest viruses the technology world has ever experienced: Bagle, Mydoom, and Netsky, to name just a few.

Security experts warn that the situation is likely to worsen as hacking, cracking, and virus writing shift from being a mischievous hobby of young kids to a lucrative occupation of skilled professionals working hand-in-hand with hardened criminals.

"The influence of organized crime in this area is steadily growing," says Alexander Gostev, a security expert with Kaspersky Labs in Moscow. "We are now seeing more malicious programs written by professionals, and not by script kiddies as we experienced two to three years ago."

DK Matai, chairman of Mi2g, a London-based security service provider, agrees. "The Mafia, which has been using the Internet as a communication vehicle for some time, is using it increasingly as a resource for carrying out mass identity theft and financial fraud," he says.

Easy Money

The motive is obvious: money--in some cases, big money, which fuels other traditional Mafia activities, such as drug smuggling and prostitution.

"There is more of a financial incentive now for hackers and crackers as well as for virus writers to write for money and not just for glory or some political motive," says one former hacker, known as 3APA3A, who is currently employed as a security expert.

That view contrasts sharply with the situation several years ago when hacking had another status in Russia. In a message published on GlobalSecurity.org, one former hacker-turned-teacher wrote that during his childhood, he and a couple of friends hacked programs and distributed them for free. "It was like our donation to society," he wrote. "It was a form of honor; [we were] like Robin Hood bringing programs to people."

Today, hundreds or even possibly thousands of skilled Russians desperate for cash are scouring the Internet looking for security vulnerabilities in the computer networks of companies, particularly in the U.S. and Europe. They are creating worms and Trojans for stealing credit card and other financial information, or turning infected computers into zombie hosts to establish illegal spam farms, or extorting money by threatening companies with a distributed denial-of-service attack if they don't pay. And more.

Indeed, if there were a happy haven for hackers these days, it would be Russia, according to Ken Dunham, director of malicious code at iDefense in Reston, Virginia. "In Russia, perhaps more than in most other countries right now, hacking magazines and software are sold on the streets of Moscow," he says. "It's not a secret as you'd expect, but right out there in the open."

Moscow even has a hacking school: Civil Hackers' School.

Perfect Breeding

The combination of over-educated and under-employed specialists has made Russia an ideal breeding ground for hackers. The hacker community was infused with professionals following a financial crash in 1998 that left many computer programmers and business people financially destroyed and out of work. Even today, the country continues to churn out plenty of students who excel at mathematics and physics, but who struggle to find work.

"Russian criminals offer students money to spend time with them to carry out illegitimate activities in return for cash," Matai says. "They're active not only in schools and universities, but also through their own recruitment centers where they siphon off talent for organized criminal purposes, which include selling services to groups in other countries, such as Islamic hackers."

Another factor making Russia an even more fertile nest for hackers is the growing number of residents now able to access the Internet. The Ministry for Communications projects their numbers to grow from 6 percent of the population (around 148 million) in 2003 to 15 percent by 2005. Eleven million people currently use the Internet, while around 9 million own a computer.

Cybercrime doubled in 2003 to 11,000 reported cases, according to the Ministry of Internal Affairs. The most frequent crimes were illegal access to computer information, distribution of pirated software, and cyberattacks on financial institutions.

Home to Some of History's Most Notorious Hacks

Russian hackers have been behind some of the most audacious cybercrimes ever reported. Mathematician and computer specialist Vladimir Levin from St. Petersburg was nabbed in 1995 and sentenced to three years in a Florida prison in 1997 for hacking into Citibank's computers and electronically transferring around $10 million out of the bank's accounts. To this day, no one knows exactly how he broke into the bank's system.

In 1999, Russian hackers were credited with disrupting NATO and U.S. government Web sites.

In 2000, Vasiliy Gorshkov and Alexey Ivanov were lured to the U.S. by Federal Bureau of Investigation agents and later arrested. Gorshkov was sentenced to three years in prison and given a $700,000 fine after he was convicted on 20 counts of conspiracy, fraud, and other related computer crimes. The pair admitted hacking into the computers of U.S. companies to steal credit card information and other personal financial data and then extort money from the victims by threatening to expose that information to the public on the Internet or to damage the companies' computers.

A gang of computer hackers, headed by a 63-year-old pensioner, was arrested by Russian police in 2001. The former computer programmer for a Moscow institute was apparently bitter over receiving no royalties from his work. So he teamed up with a former policeman and three others to steal the details of credit cards from individuals in the U.S. and Europe and use them to make online purchases. The gang then channeled their income back to Moscow through a bogus Internet site they had created, which sold useless information about timber in Russia.

Uneven Enforcement

Hacking is illegal in Russia, just as it is in the U.S. Enforcement, however, is where the two countries differ. In Russia, hacking is sometimes more akin to getting a parking ticket than a serious felony--something that on paper is wrong but not morally reprehensible, according to Timofey Saitarly, project administrator at the Ukrainian Computer Crime Research Center.

"Young people often hack expensive foreign software because they can't afford it," he says. "Some of the software costs as much as they make in an entire month or even more."

Sergey Bratus, a research associate at the Institute for Security Technology Studies at Dartmouth College in Hanover, New Hampshire, has a similar opinion. "A huge problem in Russia, particularly Moscow, is violent crime," he says. "Compared to this, small-time computer crime doesn't seem to be a big issue to society. Hackers aren't making the streets unsafe."

Local investigations also are hampered because authorities cite other, higher priorities. That means many hackers are able to operate in what are essentially safe havens. And in an interconnected world like the Internet, a few safe havens are all that is needed to wreak havoc on every country.

"I know of no hackers being imprisoned in Russia," says Kaspersky's Gostev. "Law enforcement officials don't seem to be taking any real major action maybe because none of this hacking has been directed at Russian companies or organizations. They seem to be more interested in protecting national security."

The Russian government has several groups hunting cybercriminals. The Ministry of Internal Affairs, for instance, has a special task force dubbed "the spider group." And there is a unit within the Federal Security Services, the successor to the Soviet Union's KGB. How effective they are, particularly when a crime extends beyond their borders, is unclear.

"It is one thing to criminalize the creation of viruses," says Gus Hosein, senior fellow at The London School of Economics and Political Science. "It is another to investigate the means through which viruses are propagated in the hope to trace it back to its origin."

Joint Investigations

Such investigations, according to Hosein, would require access to traffic data at ISPs throughout the world. So what about a virus that emerges in the U.S., but is traced back to Russia? Who would do the tracing?

If Russia, for example, were to take the lead, how would U.S. ISPs or those in other countries know that a Russian request for traffic data is "for the investigation of a virus trail or to track the dissemination of information regarding Chechnya?" Hosein says. "The point is that policies will be developed to enhance the investigation of viruses in order to trace virus makers and other perpetrators of cybercrimes, only to see those same powers used for different purposes, such as pursuing copyright crime and 'indecent' communications."

Add to that the global approach virus writers are now taking to make their assaults even more difficult to track. "We are monitoring virus incidents whereby writers operating in country A launch a virus in country B to infect computers in country C," says Mikko Hyppönen, director of antivirus research at F-Secure in Helsinki. "It's hard to prosecute offenders especially when laws are nonexistent in many of the countries that these guys are using to launch their virus attacks."

International law is often ill-suited to deal with the problem, with conflicting views on what constitutes cybercrime, how--or if--perpetrators should be punished and how national borders should be applied to a medium that is essentially borderless.

"What is needed is the ability to extradite," says Mi2g's Matai. "But this is not easy because of the anonymous nature of organized crime--it's very difficult to pin down who actually committed a crime--and because individuals who are caught committing a crime in one country may not have any laws against that crime in their own country."

Going Global

Efforts to establish global cybercrime laws exist. London School's Hosein points to the Council of Europe convention on cybercrime, a treaty signed in November 2001 that calls on countries to harmonize their laws on and investigative powers of all illegal behavior, including hacking and child pornography, and to ensure international cooperation in investigations. But Hosein warns that as countries adopt the convention into national law, many tend to go further than necessary in order to expand their powers.

Some experts are in favor of establishing a special global cybercrime task force, similar to the Interpol international police network. "We just need to copy the Interpol structure for traditional crime, make some slight changes and establish cooperative programs," Gostev says.

In the absence of a global Net cop, Microsoft has been offering Wild West-like bounties to catch cybercriminals. But one former virus writer in the Czech Republic dismisses the bounty as a marketing tactic, saying it will have no deterrent effect. "For Microsoft, it's just another excuse for their buggy software," Benny says in an e-mail. "It's only about marketing."

Security experts believe the best way to curb cybercrime is for each and every user to make sure his own front door is securely locked.

"A due diligence approach is required to help fight off this new wave of cybercrime," says iDefense's Dunham. "Everyone must take responsibility for helping to harden computers against attack, from the end user to the CEO of a large corporation."
