National Defense Magazine has an article up in their May edition about the case of a Russian cyberthief. It illustrates the mindset of a hacker and the challenges faced by US corporations. Here is an excerpt:
“Vladimir” came from a good family in Moscow. His parents both had advanced degrees and he was an academic star in high school.
He studied finance at his university and was equally well versed in computer science and physics. Smart, well spoken and personable, he could have been anything he wanted to be. But he chose to become a cyberthief.
He first gravitated to the hacking underground at age 16. “There he found a world of colleagues, teachers, conspirators and entrepreneurs,” Danner said. Rising through the ranks and gaining prestige among peers requires neophytes to display the skills required to break into secure networks that contain valuable data.
The collaboration and synergies in hacker circles are as robust as any found in the best special operations and law enforcement teams. “The difference is they collaborate amongst themselves anonymously,” he added. Hackers have different specialties and work in teams, he said. They learn and share knowledge and tools among each other. “They are, in fact, a community of practice,” he said. “They conduct their reconnaissance and research in a strategic manner in a project management approach.”
The vast majority of their time is spent on operational planning, research and reconnaissance before they carry out an attack. Vladimir, for example, would never launch an operation that didn’t get laundered through at least 10 servers.
Vladimir specialized in bilking wealthy Americans. He read Forbes Magazine to glean names, broke into databases to grab former addresses, mother’s maiden names, social security numbers and other useful information. He had American co-conspirators, who specialized in making fake IDs and credit cards. They would apply for home equity loans and then abscond with the money.
Vladimir boasted that it was easy to build a profile on U.S. residents. “I was really impressed with his data harvesting skills. He was really on par with the best investigators and intelligence professionals,” said a police investigator, who interviewed Vladimir in a U.S prison. He sometimes hired U.S.-based private investigators who unwittingly gathered information for him. Vladimir also had a well-placed connection in Russian law enforcement who protected him.
This particular example of a hacker demonstrates how far some hackers will go in order to steal our data. The good ones do their research ahead of time and cover their tracks afterwards. It also shows the relationship between hacking and government, at least in some of the eastern bloc countries. The Iron Curtain may have fallen in the 1990’s, but it’s now been replaced by the chain link fence. You can still see through it, not as thick nor hard as the Iron Curtain, but still a barrier that isn’t easily penetrated.
It’s difficult to say how much of a relationship exists between government and hackers in Russia. It seems to me that there are hackers out there and law enforcement is corrupt and their services are available to the highest bidder, simply because the cost of living in some cities is so high. Hackers are useful to have around, just in case, and keeping them away from the prying eyes of the west is also useful. If the state isn’t actively using people like the Russian Business Network, they are at least looking the other way. Certainly there are some elements that are involved though maybe not directly.
China seems to be a different case. There, the government seems to have no qualms about protecting hackers and using them for cyber intrusions. They deny everything directly instead of looking the other way. The point is that while some hackers, phishers and spammers are throwing everything out there by casting a wide net and seeing what sticks, others are carefully sewing their nets together, using fish finders and casting their nets in those places. Targets (that’s ham-and-eggers like you and me) beware.