Ukrainian BlackHats: Cybercrime comes of Age

I admit that when I was a University student, I engaged in my fair share of hacking and cracking. It certainly was enjoyable to probe and test the often laughable security systems that existed back in the early 1990s in a range of systems, using my trusted BBS, Mosaic and a number of 386/486 beasts. But back then, the list of possible targets was relatively small and hacking was mainly small teams of 'highly intelligent idiots' just looking for a bit of fun, with no serious intent of malice (though it did exist, any damage done was usually unintentional).

It's a very different story today.

With the rise of online commerce and billions of dollars of cash and securities moving around the world every few seconds, the opportunity - and temptation - for cybercrime has rarely been greater. And it is in this endeavour I am seeing Ukraine taking a leading role.

Despite many problems in its society, Ukraine has had a long tradition of excellence (as has Russia) in education in the sciences, including mathematics and also computer programming that it continues to maintain. This should be a good thing for the nation, but when you combine this with abysmally low salaries, limited employment prospects, weak law enforcement and all round corruption, the recipe makes for a cybercrime Nirvana.

I had this illustrated to me quite clearly recently. Cutting a long story very short, like just about every other westerner in Ukraine, my details were sold by various officials to some less than upright individuals who tried to get me to invest in all sorts of scams and also trick money out of me. One of these games involved hiding a cleverly written piece of malware in an official looking, well targeted email that I almost got caught out by. Whilst I had enough suspicion to stop, it was a close call and breaking the file down led me to be more than a little impressed with the programming skill behind it. I had to find out more.

Some low level snooping around led me to the world of Ukrainian cybercrime. I ended up at a somewhat dilapidated looking building in Lviv one morning. What piqued my interest was the large number of young, casually but well dressed guys (and one girl) who entered into the building. The cars were the giveaway: not too many young Ukrainians can afford brand new Toyota Landcruisers, BMW 3 series and Audi A6s, and especially not in Lviv. I won't go into too much detail, but the computers and servers inside were most impressive, as were the CISCO ASA hardware firewalls, routers and other top shelf equipment that would not have been out of place in Palo Alto.

These guys were being paid by one seriously nasty syndicate to develop malware for purposes ranging from stealing transaction passwords to creating botnets. And a more elite team of older and more experienced hackers was tasked with making life busy for the world's largest financial institutions. These guys were being paid a base rate of between EUR 500 and 2,000 per week, plus a bonus commission, which could more than triple their pay every month. These sums are unheard of in this part of the world for people this age.

To make the above possible, this one outfit was ripping off well over EUR 10 million a year. Key people had been paid off and these guys operated with virtual impunity. And the guys running the op are very, very dangerous, even by the standards of this part of the world. Not the kind of people you would want to have to explain yourself to.

The above is relatively common and is going to be even more so as cybercrime becomes increasingly common. Efforts to counteract it will have to be led from outside Ukraine: too many people are involved in it locally who should be fighting it.