|
Cyber agency for cyber crime
The fast paced evolution of technology gives the world we currently live in
an interesting flavour. Because of the complicated network of information
systems upon which we come to rely on more and more, it also presents a
serious security risk. Cyber crime has the potential to be more devastating
than most other human created catastrophes.
Romania emerges as new world nexus of cybercrime
By William J. Kole
ASSOCIATED PRESS
10:09 a.m. October 18, 2003
BUCHAREST, Romania – It was nearly 70 degrees below zero outside, but the
e-mail on a computer at the South Pole Research Center sent a different kind
of chill through the scientists inside.
"I've hacked into the server. Pay me off or I'll sell the station's data to
another country and tell the world how vulnerable you are," the message
warned.
Proving it was no hoax, the message included scientific data showing the
extortionist had roamed freely around the server, which controlled the 50
researchers' life-support systems.
The FBI traced the e-mail to an Internet cafe in Bucharest and helped
Romanian police arrest two locals – the latest evidence that computer-savvy
Romanians are fast emerging as a bold menace in the shadowy world of
cybercrime.
"It's one of the leading places for this kind of activity," said Gabrielle
Burger, who runs the FBI's office in Bucharest and is working with Romanian
authorities to arrest suspects "and avoid the Sept. 11 of cybercrime."
Law enforcement documents obtained by The Associated Press portray a loosely
organized but increasingly aggressive network of young Romanians conspiring
with accomplices in Europe and the United States to steal millions of
dollars each year from consumers and companies.
Their specialties: defrauding consumers through bogus Internet purchases,
extorting cash from companies after hacking into their systems, and
designing and releasing computer-crippling worms and viruses.
Alarmed authorities say the South Pole case underscores the global impact of
this new breed of cyber-outlaw.
"Frustrated with the employment possibilities offered in Romania, some of
the world's most talented computer students are exploiting their talents
online," the U.S.-based Internet Fraud Complaint Center, run by the FBI and
the National White Collar Crime Center, says in a new report.
Computer crime flourished in Romania because the country lacked a cybercrime
law until earlier this year, when it enacted what may be the world's
harshest. The new law punishes convicts with up to 15 years in prison – more
than twice the maximum for rape.
Varujan Pambuccian, a lawmaker and former programmer, helped draft the new
law after Romania's government realized the nation, which is racing to join
the European Union by 2007, was getting a bad online reputation.
"We want a good name for our country," he said. "I'm very angry that Romania
is so well-known for ugly things – for street dogs, street children and
hackers." Pambuccian said there was a noticeable decline in criminal
activity in the first three months since the law took effect.
More than 60 Romanians have been arrested in recent joint operations
involving the FBI, Secret Service, Scotland Yard, the U.S. Postal Inspection
Service and numerous European police agencies.
They include the two suspects implicated in the South Pole extortion attempt
last May. Both are awaiting trial. Another Romanian pair was arrested on
suspicion of extorting cash from Integrity Media of Mobile, Ala., after
information on 30,000 credit card accounts was stolen in March.
Police say several hackers have been convicted, though in lower-profile
cases.
Although the Russians are better known for online extortion, Romanians have
become major players in the scam, a specialty also favored by criminals from
Bulgaria, Poland and Slovenia.
Information technology is a Romanian forte dating to the former regime, when
the late dictator Nicolae Ceausescu saw computers as a way to advance
communist ideology. Software piracy took firm hold during the Soviet era,
when Romanians too poor to buy licensed software simply copied it.
Today, Romanians get their first computer lessons in nursery school.
Universities have top-notch IT programs whose graduates are heavily
recruited by Western companies. Microsoft Corp. recently acquired GeCAD, a
leading Bucharest data-security firm.
But all that know-how has spawned a dark side: Internet vampires who prey on
victims half a world away.
The classic scam: Offer high-end electronics or other goods for sale or
auction, take the order, confirm the "shipment" – and simply vanish the
moment the consumer has wired payment.
The Internet Fraud Complaint Center said it gets hundreds of complaints
daily from defrauded Americans. Many cases trace to Romania, where criminals
use Internet cafes to elude capture and avoid leaving a digital trail to
their home PCs.
Some have developed Web pages that mimic legitimate sites such as eBay,
diverting them into the cyberspace equivalent of a back alley. Buyers think
they're dealing with eBay, but their money ends up in criminal hands and the
goods are never shipped.
The most brazen hack into protected corporate databases, where they copy
proprietary information and demand cash on threats of publishing the
findings on the open Internet.
This past summer, authorities aided by FBI experts arrested six young
Romanians in the Transylvania town of Sibiu after they successfully extorted
$50,000 from several leading American corporations, which were not
identified.
Virgil Spiridon, chief inspector of Romania's national police and head of a
newly launched computer crime task force, said authorities have intercepted
online traffic, tracked Internet headers and addresses, searched suspects'
homes and seized hard drives.
But Mihai Radu of Bucharest-based BitDefender, a data security company, says
criminals are smarter than local authorities.
Romanian police asked BitDefender to help track down a 24-year-old
university student suspected of creating and releasing a version of the
crippling MSBlaster worm in August. The suspect, Dan Ciobanu, has not been
arrested but remains under investigation.
"The Romanian police aren't qualified," Radu said as young analysts in
jeans, T-shirts and sneakers disassembled strings of code to detect possible
viruses. "They don't have the tools, the skills, the software."
Pointing up the criminals' knack for staying one step ahead of the law, FBI
documents note that because consumers are reluctant to do business with
Romanians, some scammers have found accomplices in other countries. Others
pass themselves off as coming from elsewhere.
When police caught on that criminals were getting paid through Western Union
transactions, they switched to direct bank-to-bank transfers, which are
trickier to trace. Lately, they've set up bogus PayPal-style escrow
accounts.
In an astonishing show of bravado, some cybercriminals dare even to toy with
those tracking them.
Radu recalls logging on to his PC at home, only to watch in horror as the
cursor moved independently around the screen and the CD-ROM tray slid in and
out as though possessed by a poltergeist.
"I was hacked," he said. "There's a fight between the dark side and the
light side."
Gesturing toward BitDefender's football field-sized room of programmers, he
added cryptically: "They can do anything. If they weren't working for us,
who knows what they'd be up to." |
RoDI
ISOC
IWA
ARTT
RTS
WQC 2003
ISAQ 2005