[LINK] Silent working of the brain gangs

Mon Mar 28 10:03:02 EST 2005

Silent working of the brain gangs
Date: March 28 2005
SMH
http://www.smh.com.au/text/articles/2005/03/27/1111862257762.html

Organised crime is spreading on the internet, report Peter Warren and
Michael Streeter.

The internet has become a non-stop source of crime stories. British
police this month foiled an audacious attempt by computer hackers to
steal £220 million ($530 million) from the London branch of the Japanese
Sumitomo Bank.

The Bank of America recently revealed it had lost computer tapes
containing financial data on 1.2 million workers, including senators.

About 800 "phishing" or hoax banking sites have been shut down in the
past 10 months - about 230 of them in the Asia Pacific, MasterCard
reports.

Prompted by annual cyber-crime losses of $25 million, Australian banks
will introduce strict new identification requirements by the end of the
year.

Cyber-crime was once largely the preserve of individuals or politically
aware groups that wanted to make a point about government and big
business taking over what they felt should have been the gently anarchic
internet world. The only real victims were companies and bureaucracies.
The rest of us looked on unconcerned - and even amused.

But now the criminals don't want our attention - they want our money.
America's Federal Trade Commission revealed last year that 10 million US
citizens had fallen victim to identity theft at a cost of $50 billion,
and that 2 million people were conned by phishing attacks.

The most worrying development is that more and more of these attacks are
being committed by sophisticated crime gangs. They have been preparing
the ground for years by getting their members trained for the job, says
Tony Neate, the industry liaison officer of Britain's high tech crime
unit.

"Serious and organised crime is very aware of the use of technology to
further its activities," says Neate, who is one of the new breed of
cybercops in the developed world trained to counter online crime. The
gangs are investing in people to further those activities, he says. "We
have evidence that they are putting people through university."

This trend was confirmed by a hacker with links to a north London crime
syndicate in the 1990s. "One member put his daughter through university
so she could get a job in a bank and then they set up the crime," says
the hacker.

"Apparently, she 'made a mistake' as she transferred around £500,000
into a dodgy account and the bank sacked her - but the deed was already
done."

Hackers such as Nicholas Whitely, the first to be imprisoned in Britain,
have confirmed they were approached by criminals while inside in the
1990s to use their skills to help gangs. Other hackers have revealed
that they were employed by syndicates to wipe hard drives from stolen
computers to eradicate any trace of ownership.

Crime organisations are operating like those legitimate businesses that
saw the advantages of embracing the technological revolution and
developed a strategy accordingly.

"They see a new opportunity come up in crime and they set up a new
section," Neate says. "There certainly is a research and development
department in these organisations."

There are, of course, some differences in how the gangs recruit their
staff. One accomplished Russian hacker says he was initially offered a
small sum of money to co-operate with a gang - or face a violent
alternative. This is a familiar story in Russia and former eastern bloc
countries, which provide the bulk of the world's cyber criminals.

Much of the activity is centred on St Petersburg, which has a lot of
very able maths and computer studies graduates, says Detective Chief
Superintendent Len Hynds, the head of the high-tech crime unit, who has
been working with Russian authorities to counter the problem.

"I do know that the programmers concerned have been set a whole range of
different tasks, including the management of websites, the development
of phishing scams and the control of 'bot net armies'," he says.

Bot net armies are increasingly the weapon of choice for many gangs. The
criminals, using viruses or "spyware" downloaded onto unprotected
computers, control hundreds of thousands of software robots around the
world. At a pre-arranged signal, these computers simultaneously bombard
the intended target with a stream of junk data until it is brought down.

The purpose of this scam is extortion - website owners are threatened
with the loss of their website (and therefore business) unless they hand
over protection money. International gambling sites have been a target
of these crimes in recent years.

Such attacks generally net between $15,000 and $40,000, which may seem
small, but when multiplied by a factor of 80 or so they start to
generate healthy revenue streams for more forward-thinking Russian
organised crime groups, such as Tambov and Solntsevo. In east Asia,
where gambling is a popular pastime, the Russians have found rich
pickings.

The computers that the criminals use to hide their bot armies - or
herds, as they are also called - are usually poorly protected home PCs,
especially those with high-speed broadband links.

Like so much else in the world of computers and the internet, this
practice started out as relatively harmless fun among computer buffs. It
was the age of "bot rustling", a competition in which herdsmen would
compete to try to seize the slave computers from their rival's bot
herds.

Soon, however, the bot herdsmen found organised criminals literally
knocking on their doors. A recent trend has been the renting out of bot
nets for about $US1 per bot a day.

One problem is that so many computer and internet users know little
about how to guard themselves, and are therefore easy targets.

One hacker who had been involved briefly in internet crime says:
"There's clever people and there's stupid people - and the internet
magnifies that by a factor of millions."

The Guardian

--
The common argument that crime is caused by poverty is a kind of slander
on the poor. 
-- H. L. Mencken

Regards
brd

Bernard Robertson-Dunn
Sydney Australia
brd at iimetro.com.au