The Russian cybermafia: Beginnings

The CJ341 Cyberlaw & Cybercrime course in the Criminal Justice department at Norwich University requires a short (3,000 word) term paper from each student. The students choose relevant topics that interest them and work through the semester on outlines and drafts before submitting their final version for grading. The paper by US Army ROTC Cadet Bradley Guinen demonstrated excellent research and provided interesting information for his fellow students and for readers of this column. Cadet Guinen and Mich Kabay collaborated closely in adapting Guinen's work for this series of three columns.

* * *

There was a time when computer criminals were mostly interested in "rep" – reputation. However, cybercrime has become more organized. "The majority of data breaches are the result of organized crime," says Nick Holland, an analyst at Aite Group, a research and advisory firm focused on business, technology and regulatory issues. Cybercrime has created a new frontier for organized crime; Dmitri Alperovitch, an Internet threat researcher for McAfee, says "The current security environment is ripe for cybercriminals. Unlike other types of crimes, cybercrime has low barriers to entry, there is little prevention and few enforcement mechanisms, and the returns can be enormous! The ease of doing business has facilitated a reported 275,000 incidents in 2008 which translates to about $265 million lost in the U.S. alone." These organized cybercrime groups are located all around the world, but one place in particular has been a hotspot for organized groups of cybercriminals: Russia.

Russia's long-standing history of organized crime has nurtured a current crop of cybercrime organizations dedicated to the theft of personal and financial information and political hacktivism. During a BlackHat USA presentation in 2009, Alperovitch stated that "Russia's history of organized crime has paved the way for the emergence of highly sophisticated cybercrime groups that have spearheaded the emergence of Internet worms, botnets, spamming, phishing, and credit card forums."

Alperovitch traced Russian organized crime to the Lenin & Trotsky era. Many of these criminal organizations had their beginnings in the infamous gulags of the Soviet era. They followed a strict code known as "The Thieves' Code," which basically alienated the individual from his family and committed him entirely to the organization. Breaking any of these rules usually ensured mutilation or death. Every member of these organizations had to view crime as "a way of life…" and had to be "willing to live and die for their organization." Such loyalty enabled these Russian cybercrime groups to be highly productive.

At first, Russian cybercrime was off the radar, noted only for software piracy, until in 1994 Vladimir Levin and his collaborators were able to access more than $10 million through computerized systems from Citibank over the course of a few weeks. Levin and his colleagues used stolen key codes, user IDs, and passwords to wire transfer various amounts ranging from thousands to tens of thousands to accounts his group controlled in the United States, Finland, Netherlands, Germany, Israel, Argentina, and Indonesia.

It was only in July 1994 that Citibank customers began reporting a total of $400,000 missing from two accounts. Citibank's security system was able to flag two transfers in August 1994. One was for $26,800, the other for $304,000. Bank officials immediately contacted the FBI, which began tracking Levin as he continued to trespass into Citibank's systems and make more transfers. They tracked a total of 18 login sessions over a few weeks between June and October 1994. Through the combined efforts of FBI authorities, Citibank officials, and Russian telephone employees, the source of Levin's operation was pinpointed to his workplace in St. Petersburg, Russia. He was finally arrested at Heathrow Airport in London in March 1995. But this was just one of the first occurrences that put Russian organized cybercrime on the FBI's watch list.

More in part two of this three-part series.

* * *

Bradley Guinen is due to graduate from Norwich University in 2013 with a BSc in Computer Security and Information Assurance. He is a proud member of the US Army Reserve Officer Training Corps at Norwich University, home of the ROTC.

Copyright © 2011 IDG Communications, Inc.