Monday, May 17, 2021

Taking on Cyber Crime’s New Mob Ties

The U.S. government is teaming up with security industry leaders to reach

out to foreign countries and help them tackle the growing global problem

of cyber crime.

U.S. law enforcement agents and prosecutors have been working hard to

capture and prosecute virus authors, spammers and the people behind

online identity theft schemes here in the U.S. But that’s just taking a

bite out of a larger worldwide problem.

The U.S. only has jurisdiction over spam that originates on these shores

or virus writers who live here in the states. The countless other cyber

criminals who live outside the country are beyond the reach of U.S.

agents, who may only aid foreign investigations — when the assistance is

welcome.

That, some security experts say, is leaving U.S. corporations and users

more open to attack. And the danger is increasing as organized crime

increasingly becomes involved.

”There’s a lot to be done,” says one computer security investigator who

asked not to be named in this story. ”There’s a great need to get

diplomatic weight in dealing with these hackers. There need to be

bilateral agreements, extradition laws and legal agreements.

”Working together globally is absolutely critical,” he adds. ”You need

local assistance in these countries to get these guys. We can’t just fly

people over there to investigate and arrest people. We have to be able to

work together.”

And that’s exactly what is starting to happen, according to Chris

Painter, deputy chief of the Computer Crime and Intellectual Property

Section at the Department of Justice.

Painter, who also chairs the G8 High-Tech Crime SubGroup, says he has

been working with others in the U.S. government to reach out to foreign

governments and develop needed relationships. Painter points to the G8

and the Council of Europe, which worked together to formulate the first

Cyber Crime Convention that has been signed by 41 countries to date. It

is being considered for ratification in the U.S.

Painter says getting various countries to work together to define the

problem and discusse courses to take is a key first step in ultimately

sharing information and mutually aiding investigations and prosecutions.

”We’re working really hard to reach out to countries and help them draft

laws that will allow them to investigate these things and to punish these

kinds of crimes,” he adds.

Painter and various security leaders agree that it will take a joint

effort to stem the tide of cyber crime — especially now that hackers,

spammers and virus writers are teaming up together to make a living

instead of just making a name for themselves.

And to make matters even worse, industry observers say organized crime is

playing a much greater part in cyber crime than ever before.

”We’ve definitely seen organized crime groups involved,” says Painter.

”People are highly specialized in different parts of a scheme. They

gather together in the online world, where they didn’t have that

opportunity in the physical world.”

Part of the problem is that technically savvy people — whether they’re

hackers or code writers or phishers — have begun to work together. That

kind of cooperation only ups their sophistication and abilities.

But a bigger problem might be the fact that organized crime now is

involved. Where as crime families generally are known for being involved

with gambling, prostitution and money laundering, the cyber world now is

beckoning to them.

Criminal gangs simply will go where the money is.

”Oh, it’s already happening,” says the computer security investigator.

”Organized crime is acting as the overlords. The technical geeks are

managed by organized crime.”

The investigator says the Russian mob is highly involved, and has been

effectively using spam as a new revenue source.

Mark Sunner, chief technology officer of MessageLabs, a managed email

security company based in the U.K., says organized crime groups are using

old methods to make money off modern schemes.

”Organized crime comes in to play when it comes to money laundering,”

says Sunner. ”With phishing… a lot of the money winds up in Russia.

The laundering methods are old methods.”

Sunner also notes that criminals might feel safer running their schemes

from countries like Russia, where there’s less chance of prosecution.

”There’s a good basis of technical skills in these regions and the law

is protecting them there,” he says. ”Law enforcement knows who they are

and the criminals know they know. Either the law there has no teeth or

there is no law at all… And there’s an awful lot of corruption.”

Figuring out how law enforcement from different countries can work

together is critical, according to Sunner.

”We’re just starting to see spam legislation get in synch in certain

areas, and for ISPs to share data,” he adds. ”It’s a start.”

Similar articles

Latest Articles

Managed Security Services Provider...

COMMERCE, Mich. — A managed security services provider (MSSP) is rolling out a way to help cybersecurity executives get a better view of their...

What is Data Annotation?

You've completed a hefty round of raw data collection, and now you want to feed that information into artificial intelligence (AI) machines, so they...

How IBM has Changed...

Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...