|
|
|
|
18.04.07
|
Catching The Bad Guys Of Cyberspace
|
|
|
By Dmitry Babich
|
Electronic Crimes a New Problem for Russian Law Enforcement.
Outside of the exclusive club of oligarchs and politicians, the few Russians who feature in the headlines of the international media tend to be computer hackers. One of the most notorious cases of this kind dates back to 2002, when Vladimir Levin, a programmer with the Saturn company in St. Petersburg, stole $11 million from clients of New York-based Citibank before he was arrested in the UK through the work of the Russian police and the FBI. In November 2006, a court in the central Russian city of Balakov, Saratov Region, found three other hackers guilty who devised a spy program that allowed them to access data in British bookmaker offices and blackmail the bookies. If a “ransom” was not paid, the criminals threatened to start a virus attack against the bookmakers’ servers. The total damage caused by the criminals is estimated at $4 million. All three members of the group were consequently sentenced to eight years in a maximum security penal colony.
This January, an even more stunning story started to unfold, as the U.S. Securities and Exchange Commission (SEC) froze the account of Russian citizen Yevgeny Gashichev and his company Grand Logistic at the New York Stock Exchange. The regulator suspected Gashichev of having cracked the accounts of other exchange participants in order to manipulate share prices, illegally earning $354,000.
Naturally, the more controversial cases tend to get the greatest publicity, for example, the trial of Dmitry Sklyarov, a programmer with the Russian company Elcomsoft, who was arrested in the United States in 2001 on charges of having broken the Digital Millennium Copyright Act (DMCA). Sklyarov was accused of revealing some defects in the anti-hacker protection of the electronic catalogue Adobe eBooks, which was interpreted as a copyright violation by Adobe. After spending several months in a U.S. prison, Sklyarov was released after numerous protests in both the United States and Russia organized by programming communities, where many people interpreted Sklyarov’s behavior as normal practice in international programming, “which, in the end, promotes strengthening program protection,” in the words of a protest leaflet.
Although these high-profile cases show one side of the problem, most damage done by cyber criminals takes place on a daily basis, through crimes that may not amount to much individually, but add up over time. Although in 2006 the number of cyber crimes remained at the alarming level of 14,000, the general trend is towards a certain stabilization in the number of such crimes after several years of explosive growth in late 1990s. “In 2004, 13,261 crimes of this kind were registered, in 2005 their number grew to 14,810 and in 2006 we actually expected a decrease,” said Boris Miroshnikov, head of the Bureau of Special Technical Procedures of the Russian Ministry of Interior (MVD). In comparison, in 1997, when articles on fighting cyber crimes were introduced into Russia’s Criminal Code, the number of such cases was just 17, and the number grew only to 87 in 1998.
According to the information of the “K” department of the Russian Ministry of Internal Affairs, which specializes in fighting crimes involving the use of computers, the Internet and other information technologies, almost 43 percent of the victims of IT criminals were online auction participants. However, the variety of this kind of offences is great as the “market” for them is developing at the same pace as modern technologies. The other most widespread schemes include, for example, setting up illegal phone stations, which allow the clients of criminal businesses to make cheap calls abroad at the expense of other people who then receive the bill for calls they never made. The damage from this kind of illegal business to Moscow phone operator MGTS is estimated at the level of approximately 400,000 rubles ($1,530) per day.
“There could be a lot more computer crime than we register,” said Vladislav Selivanov, former head of the anti-IT crime department in the Russian Ministry of Internal Affairs. “Banks and companies are sometimes unwilling to report cases when they were duped out of money. Sometimes it happens because they are concerned about their reputation. Or they may just not know whom to call when they have a problem.” Currently, the K Department is considering opening a telephone hotline for people who suspect that their servers are being attacked by hackers. “Obviously, when you see that your server is being attacked, it makes no sense to alarm the police on the general 02 hotline,” said Anatoly Platonov, one of the K Department’s officers. “Here you need to alarm the special cyber police. We are prepared even to accept calls from hooligans wanting to test our nerves. That is normal.” The cyber policemen say they have established good connections with Internet providers, who help them locate suspicious phone numbers and locations that may be used by hackers. Very often, policemen help the providers crack down on unauthorized access to the Internet through the identification of stolen logins and passwords.
In many cases, victims are completely unaware that their sites or servers have been attacked by hackers. According to Selivanov’s estimates, the percentage of such unnoticed attacks is about 70-80 percent in the West. In Russia, their share reaches 90 percent.
It is widely believed that the criminal groups engaged in IT crimes are also involved in other kinds of criminal activity. When Selivanov’s investigators tried to track the illegal phone stations, it noticed that geographically these phone stations were located near the places where drugs are known to be bought and sold. In the opinion of police experts, this geographic proximity is not a mere coincidence. Both criminal businesses sometimes share not only the premises – such as dorm rooms or cheap hotels – they also have the same investors and sometimes even the same staff.
Another widespread and lucrative criminal business involving information technologies in Russia is the production of pirated DVDs. One of the most publicized cases involved an arrest of a group of criminals who managed to crack the code of original DVDs from several respected foreign companies and started mass production of Russian versions. Having removed the English soundtracks, the criminals put the Russian dubbing on and sent the renewed versions abroad, where master discs of pirated movies were produced. These master discs were later brought back to Russia, where they were used for mass production of pirated DVDs. This operation required an initial investment of about $2.5 million for the acquisition of the necessary equipment, but, according to the estimates of K Department operatives, the profit margin for this kind of criminal business can reach up to 500 percent. Only drug trafficking and illegal arms sales bring more profit.
The other area of concern for the Russian cyber policemen is the use of the Internet by people whom the Russian MVD calls “extremists” – mostly Chechen separatists calling for a violent overthrow of the current pro-Russian administration of Chechnya. Speaking to a conference on cyberterrorism in Moscow last year attended by representatives from more than 80 countries, the MVD’s Miroshnikov said that there were 150 such extremist sites operating in Russian. Most of them were hosted in other countries, so the MVD tried to inform its colleagues abroad about the problem, calling for joint action against the “propaganda of terrorism.” Although 48 such requests were sent to the United States, 17 to Western European countries – primarily to Denmark and Sweden, where most Chechen fighter sites are registered – Miroshnikov said “we did not get much from our Western colleagues in the way of cooperation.”
One of the obstacles on the way to such cooperation is Russia’s continued refusal to join the European Convention on Cyber Crime, adopted in 2001 and aimed at combining efforts in fighting, among other things, the illegal use of Internet. In Miroshnikov’s words, Russia disagreed with Article 32 of this convention, “Trans-border access to stored computer data with consent or where publicly available.” The article empowered any signatory to access the publicly available (open source) stored computer data of other signatories, regardless of where the data is located geographically. The provision also allows for accessing or receiving, through a computer system in its territory, stored computer data located in another party, if the party obtains the lawful and voluntary consent of the person who has the lawful authority to disclose the data to the party through that computer system.
Russian officials saw the article as a threat to Russia’s cyber sovereignty, but as Miroshnikov put it, “Russia’s not joining the Convention does not bar us from helping all interested parties.” Although, clearly this would be only on a quid pro quo basis. |
The source |
|
|
|
|
|
|