Russia ranks first in the world by the number of cybercrime victims, surpassing even China. Source: Alamy / Legion Media
Russia is planning to establish a Center to Combat Cyber Threats to address a wide variety of digital attacks. This measure was announced on September 23 by Nikolai Bordyuzha, general secretary of the Collective Security Treaty Organization (CSTO), which includes post-Soviet states such as Kazakhstan, Armenia and Belarus. Furthermore, the Security Council is preparing to adopt a new document entitled, “Principles of State Policy in the Formation of a Culture of Information Security.”
It seems the authorities have made the decision to be more assertive in taking on Russian hackers. According to the FBI, Russian hackers were behind the August break-in of JP Morgan Chase’s computer network and the communication centers of other American banks.
As a result of these cyber attacks, gigabytes of client data were lost. The FBI has accused the Kremlin of supporting hackers to get revenge for the sanctions imposed against it for its actions in Ukraine.
However, the Kremlin states that it is currently unable to fully get rid of hackers, their cyber mischief or their egregious financial crimes. According to Symantec, Russia suffered approximately $1.5 billion in damages from cyber attacks in 2013. Russia ranks first in the world by the number of cybercrime victims, surpassing even China. In August hackers broke into Russian Prime Minister Dmitry Medvedev’s Twitter account and tweeted on his behalf that he was resigning to become a “freelance photographer.”
Who will stand up to cybercriminals?
Experts polled by RBTH fear that the state’s measures will not be enough to address a complex and growing problem.
Ilya Sachkov, founder and CEO of Russian company Group-IB, which prevents and investigates cybercrimes, believes that legislative changes are needed. Alexei Lukatsky, a business consultant on information security at Cisco Systems, sees the problem as being that ”some software developers often possess insufficient knowledge on information security. As a consequence, the products they create are unsystematic and have a low level of protection.”
It should be noted that the members of the group that calls itself Anonymous International, which was responsible for hacking Medvedev’s Twitter account, did so on an iPhone. A representative of the group stated that an iPhone can be used in such a way that no personal information is stored, making it untraceable.
Get rich quick in Russia
Another problem is that, unlike their foreign equivalents, Russian-speaking hackers can more easily cash stolen funds. “In Europe, the United States and Asian countries, it’s not so easy to take money out at banks using cards or other payment systems,” Sachkov of Group-IB said.
Specialists from Group-IB recently discovered a Russian-speaking hacker with the pseudonym Hermes, who infected millions of computers with payment tools and Internet banking systems throughout the entire post-Soviet space.
Far from all Russian cybercriminals are actually from Russia. In general, they are Russian speakers dispersed throughout the territory of the former Soviet Union. After the USSR’s collapse, many IT specialists found themselves out of work and became hackers instead.
Experts have recently suggested that the level of professionalism demonstrated by hackers has been on the decline. “Earlier, Russian-speaking hackers were strong at devising schemes and algorithms for cybercrimes, but modern criminals aren’t as smart,” Sachkov said. “There are a lot of forums, publications and materials open for access on the Internet that tell you how to commit various cybercrimes and they use that data.”
Is cyber-theft a stateless crime?
Alexander Vurasko, deputy director of Department “K” at the Russian Interior Ministry, which fights IT crimes, told RBTH that lone hackers are gradually being pushed out of the market by secret, well-organized, decentralized groups that unite people from various Russian-speaking regions and countries.
Members of these criminal societies each have their own specialization, which imparts a degree of efficiency on their activities. It is possible that in many of these groups the cybercriminals know each other personally.
According to Vurasko, Department “K” is trying to send information on attackers to the law enforcement agencies of the country he or she is located in, instead of the country of origin of the victim. This prevents the need to conduct an investigation in a foreign state and trespass on its information networks.
Department “K” already has been working in such a way cooperating with the law enforcement agencies of several countries, including the UK, Germany and the U.S.
Russian-speaking hackers are more and more often using foreign technical platforms to create and administer Internet resources, exchange information and recruit new members. “In these conditions, it seems ineffective to decriminalize cyberspace without establishing tight working contacts with international partners and exchanging intelligence,” Vurasko told RBTH.
All rights reserved by Rossiyskaya Gazeta.