The lab fighting cybercrime: Russia's weapon in the war against hi-tech gangs

Russia is the main breeding ground for hi-tech crime gangs but its security experts are linking with Interpol to combat the threat. Oscar Williams-Grut reports from Moscow

Click to follow
The Independent Online

At the height of their power the five-strong Koobface gang in St Petersburg, Russia, were pulling in $10,000 a day with a multinational scam that conned thousands. The men posted pictures online of themselves with their wives and girlfriends touring Europe's casinos in Spain, Nice, Monte Carlo and Germany.

But the gang's riches didn't come from people trafficking, drug smuggling, prostitution or mail fraud. These were a new breed of gangsters: cyber criminals.

The men used the so-called Koobface computer virus to take over people's computers, infecting them through phoney Facebook messages. Before it was discovered and shut down last year the computer "worm" infected as many as 800,000 computers globally.

The Koobface gang were relatively small players in the growing field of cybercrime. The Cabinet Office estimates that cybercrime costs the UK £27bn annually, and the anti-virus software firm McAfee this week said it costs the US almost four times that. "It's low risk, highly profitable and everyone can do it," says Stefan Tanase, a senior security researcher at the Russian cyber security firm Kaspersky Lab.

As smartphones, online banking and e-commerce become increasingly ubiquitous, traditional organised crime gangs are following the money and upgrading to the web. While online attacks used to be the domain of the tech-savvy, criminals with little technological knowledge are increasingly buying pre-made code that can be used to steal everything from bank account details to social network passwords.

The shift is costing businesses and individuals billions and leaving police lagging behind. What's more, it's happening in Kaspersky's own backyard.

"The top two countries for cybercrime are definitely China and Russia," says Mr Tanase. Of the five men featured on the FBI's cybercrime most wanted list, two are Russian, while another is from Latvia.

"It's very simple: these are areas where education systems are still good, so you've got so many people with really good skills, but there aren't many opportunities for them to use those skills. And of course law enforcement is not as strong as it is in the West, so it's the ideal environment."

While the perpetrators are concentrated in the east, their reach is worldwide. "Cybercrime is like the ocean," says Kaspersky's head of Latin America, Dimitry Bestuzhev. "It's just everywhere in all countries. If you have any digital device that is able to connect to a network you are a target."

Just last week web security experts exposed an online royal baby scam that tricked users into handing over their bank details with a fake link to a "live hospital camera".

At a conference at Kaspersky's Moscow headquarters last week Mr Bestuzhev outlined a complex and murky global underworld involving coders, hackers, black market websites where credit card details change hands for just $3, money mules recruited through suspicious "work from home" ads and ultimately the so-called "collectors", the kingpins who take the lion's share of the stolen money.

Authorities are struggling to catch those behind attacks. None of those suspected of being involved in the Koobface worm have been arrested, despite Facebook naming them publicly.

"On a global level law enforcement is years behind where the private sector is," says Mr Tanase. "While we work on our malware [malicious software] incidents, many times we get information. Bad guys make mistakes. You sit and you look at that data and you release there's nothing you can do. You can't just call him and ask him to stop."

But the good guys are set to get a significant boost. Kaspersky is one of a number of firms partnering with Interpol to establish an "internet Interpol", set to launch in Singapore next year. The Interpol Global Complex for Innovation, or IGCI, will specialise in tackling cybercrime and other online threats. "In the past Interpol was known as a very slow and outdated organisation," says Eugene Kaspersky, co-founder of Kaspersky Lab. "In 2000 Interpol didn't have email. Now it has cloud services for stolen passports, stolen cars, faces, etc. But these aren't internet crimes, they're traditional crimes. Interpol now wants to pay attention to cybercrime."

Kaspersky will share databases with Interpol, train officers and advise on infrastructure needs, all free of charge, as the threat of cybercrime and even cyberwar grows. He highlights the 2010 Stuxnet worm that infected Iran's nuclear facilities as an example of how easily states can be targeted.

Mr Kaspersky says: "What about drug cartels carrying out cyber attacks on governments? I'm afraid it's a very real possibility." It seems Russia may be ground zero for a worrying cold war involving states, crime gangs, hackers and an almost endless list of potential targets – but it is set to lead the fightback on home soil.