Mobs Turn Net into Money Machine

R. A. Hettinga rah at shipwright.com
Wed Oct 8 14:47:16 EDT 2003 

--- begin forwarded text


Status:  U
Date: Wed, 8 Oct 2003 14:10:52 -0400
To: "Philodox Clips" <clips at philodox.com>
From: "R. A. Hettinga" <rah at shipwright.com>
Subject: Mobs Turn Net into Money Machine
Reply-To: "Philodox Clips" <clips at philodox.com>
Sender: <clips at philodox.com>
List-Subscribe: <mailto:clips-on at philodox.com>

In related news, Wired News turns internet into the Augean Stables of the Infocalypse...

Cheers,
RAH
--------

<http://www.wired.com/news/print/0,1294,60735,00.html>

Wired News

Mobs Turn Net into Money Machine  
Reuters 

Story location: http://www.wired.com/news/technology/0,1282,60735,00.html 

02:25 PM Oct. 07, 2003 PT 

LONDON -- Organized crime syndicates have stepped up their presence on the Internet, operating extortion rackets, child-pornography rings and elaborate financial scams, Britain's top cybercop told Reuters. 

And the most vulnerable target is the individual Web user, said Detective Chief Superintendent Len Hynds, head of the U.K.'s National Hi-Tech Crime Unit, or NHTCU. 

"Organized crime is turning to the weakest element in the chain, which is the people. It's the hands on the keyboard on either end of the transaction that is the actual weak point," Hynds said. 

The crime syndicates, he said, are based in every corner of the globe. Investigations have led the NHTCU repeatedly to Eastern European countries, including Ukraine, Russia and Latvia. 

The groups have honed their Internet skills as a greater flow of business is conducted online. 

"Organized crime in all its guises is extremely flexible. It does spot the new and lucrative opportunity," Hynds said. 

In the NHTCU's two-year existence, the 55-person task force has made nearly 110 arrests for such age-old crimes as blackmail and extortion as well as decidedly high-tech computer hacking cases. 

Law-enforcement officials throughout the world suspect crime rings are recruiting technically savvy programmers to concoct fraud schemes against banks and businesses. 

An increasingly common scam hitting financial institutions is known as "website spoofing," in which a fraudster sets up a bogus online business that closely resembles a bank or business website. 

The aim is to lure unsuspecting Internet users to the phony site in an effort to get them to submit their credit card and bank details. The NHTCU said 40 U.K. businesses have been hit by the spoofing scam so far this year, up from seven a year ago. 

Hacking attacks, once considered the domain of bored teenagers looking to prove their Net skills, also have become an increasingly common weapon in organized crime's arsenal, said Hynds. 

Some have launched "denial of service" attacks -- which consist of a crippling barrage of data capable of knocking Net companies offline -- against Internet service providers and online casinos. 

Under such a scenario, the groups threaten to unleash the attacks on businesses unless they pay a ransom. 

But the most active area for the NHTCU, and similar investigative teams, continues to be breaking up child-pornography rings. Nearly half of the 110 arrests made by the unit have been for pedophilia-related charges, Hynds said. 

"We are focusing on the organized groups that are making money out of peddling child pornography on the Internet. We are doing that in partnership with business and industry," he said. 

"We've deployed officers from this office overseas to physically remove children to places of safety," he added. 

International police forces have been tackling the rise of child pornography online with greater success recently. Last week, German police said they cracked a global pedophile ring that involved 26,500 computer users from 166 countries. 

The NHTCU also is investigating links between virus writers and extremist groups as it prepares defenses for a possible attack. The crime-fighting unit has started working with antivirus firms to identify patterns in the source code of the most damaging Internet worms and viruses to determine whether they are the work of organized subversive groups or crime syndicates. 

The hope is that buried somewhere in the lines of code will be clues to the authors' identities, motives and, possibly, future acts of sabotage. 

Of the dozens of viruses and worms that emerge on the Internet each week, none have been traced back to organized crime or subversives aiming to disrupt a country's infrastructure. 

But as increasingly sophisticated programs surface, law enforcement officials are preparing themselves for this type of cyberwarfare. 

"It's a tactic that could be utilized," said Hynds. "We've seen legitimate programs used in a way which allows people to have remote access to compromised systems. And similarly, viruses, Trojans and worms can be used by organized crime to launch attacks." 

The challenge for law enforcement is in catching the suspects. Police have tracked down an increasing number of virus writers lately, but creators of the most-damaging outbreaks remain at large and, some security officials say, may never be caught. 

Some increasingly potent viruses and worms, including this summer's Sobig.F virus and Blaster worm , wreaked havoc on corporate and government computer systems around the world. 

Sobig.F carried a type of Trojan program. A mounting concern among security officials everywhere is that a Trojan -- so named because they embed themselves on infected machines and give virus writers the capability of controlling the computers from remote locations -- could bore into a computer network and compromise, say, a police emergency-response phone system or air-traffic control system. 

A digital attack in isolation would inflict relatively little damage, experts say. But should the incident be timed to coincide with a physical act of sabotage -- in what security experts refer to as a "blended threat" -- the toll could be high. 

With security forces on high alert in the wake of the Sept. 11, 2001, terror attacks in the United States, response plans to all potential acts of sabotage -- digital or physical -- are being reviewed. 



-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list