Russian Mafia threatens Net

By Laura Lorek Interactive Week July 16, 2001 6:16 AM PT Organized crime rings in Russia and the rest of the former Soviet Union are increasingly hacking into U.S. e-commerce and banking Web sites, posing an enormous economic threat.

Hackers have launched computer viruses and disruptive denial-of-service attacks, but the biggest danger comes from hackers with ties to organized crime breaking into computers, FBI officials said.

Spearheading the organized hacking rings is the Russian Mafia, security experts say. The Russian Mafia has infiltrated many businesses in the former Soviet Union, and is becoming increasingly sophisticated in computer crimes.

These groups are penetrating computers in the U.S. and other Western countries to obtain illegal profits, said John Collingwood, FBI assistant director for public affairs, during a briefing at FBI headquarters in Washington, D.C., recently.

"For the foreseeable future, we are going to see an explosion in this area," Collingwood said. "It's literally a brand new area for us. And it is one where no one is sure of what the implications will be."

The FBI said that 40 companies in 20 states have been identified as targets of what the agency euphemistically calls Eastern European organized crime groups. More than 1 million credit card numbers have been stolen by the groups.

The Russian Mafia is operating in 50 countries, including the U.S., with representatives in every major city, according to Jeffrey Robinson, an expert on the Russian Mafia and author of The Merger. He said it has created a "wealthy cabal destined to become the most powerful special interest group in the world."

Russian hackers pose one of the biggest threats to the United States' vibrant e-commerce and computer industry, said Julie Fergerson, a fraud detective and co-founder of ClearCommerce, a security company for e-commerce firms in Austin, Texas. "We are seeing more and more sophisticated attacks coming from that part of the world," Fergerson said.

Security experts said the Russian Mafia hacking rings are often run by former KGB agents who recruit hackers in their 20s to do the dirty work. The young hackers typically answer Internet advertisements for computer programmers, planted by organized crime outfits in Moscow, St. Petersburg and Murmansk.

The Russian Ministry of Internal Affairs estimated that 5,600 criminal groups with more than 100,000 members are primarily involved in money laundering, the drug business and extortion.

The hackers hired by the Russian Mafia break into e-commerce computers and steal credit card and bank account numbers. Some of them even resort to extortion, pledging to release the data if companies do not pay them off, security experts said.

The FBI said such hackers have penetrated U.S. e-commerce computers by exploiting vulnerabilities in unpatched Microsoft Windows NT operating systems. Microsoft has known about the holes since 1998 and has posted patches to fix them on its Web site. But many companies have still not taken steps to fix the holes, according to the FBI.

Authorities said the Russian Mafia members gain access to a company's computer systems, download proprietary information - such as trade secrets, customer databases and credit card information - and then demand money to patch the system against other hackers.

"We are seeing more and more clients being victims of cyberextortion because it's so easy to launch a cyberattack," said Ty R. Sagalow, chief operating officer of AIG eBusiness Risk Solutions, a company that writes insurance policies against hacking attacks for companies. American International Group hires an investigator to look into the break-in, but under many circumstances, it will actually pay off the extortionist.

"If our clients are going to lose money by getting attacked, then we pay him off," Sagalow said. "But right after we pay him off, we post a $50,000 reward for information leading to an arrest."

Eastern Europe's computer crackers and hackers are the most skillful in the world, said Joe Rosetti, senior vice president of Ipsa International, a New York security company.

Incidences of Russian hackers breaking into e-commerce sites abound, but it is unclear whether they are tied to the Russian Mafia. The FBI would not provide details on the organized hacking rings in Eastern Europe because it has an ongoing investigation, a spokesman said.

In May, Russian police arrested a gang of suspected hackers led by a 63-year-old man. The hackers used Internet cafZ*s in Moscow to steal about 300 credit card numbers from people in Western countries, the chief of Moscow's police computer crime unit said.

Last year, a Russian cyberthief known as Maxus stole credit card numbers from Internet retailer CD Universe. He demanded a $100,000 ransom, but when this was denied, he placed 25,000 of the numbers on a Web site, said Yaron Galant, director of product development at Sanctum, an Internet security software company. Maxus has never been caught.

The Russian Mafia is also selling trade secrets to foreign competitors of U.S. business, said Paul Fichtman, president and CEO of Internet Clearinghouse, an international fraud investigation company. In addition, organized crime groups are planting employees inside companies they want to target, he said.

"It's a nice tidy business," Fichtman said. "We're seeing it happen on a regular basis. There is nothing that cannot be hacked into. Some merchants make it a lot easier than others."

Russian law makes it illegal to hack into computer systems. The government imposes prison sentences of up to 10 years, plus fines, and has established a special technical crime department. But few cases are prosecuted, Ipsa's Rosetti said.

Hackers often work out of Internet cafZ*s in Russia, experts said. Street vendors sell Russian hacking software, and tools and magazines publish articles on how to break into Web sites. Russian Web sites also offer hacking tools.

Law enforcement agencies have trouble tracking down and prosecuting cybercriminals in foreign countries, and many businesses are often reluctant to report break-ins.

"There really is no deterrent for hackers to engage in this activity," Rosetti said.

Senior Writer Brian Ploskina contributed to this report.

http://www.zdnet.com/zdnn/stories/news/0,4586,2784950,00.html?chkpt=zdnn_nbs_hl

-- Martin Thompson (mthom1927@aol.com), July 19, 2001