Analysis: A globetrotter's guide to cyber crime

[chiawaikian]

Analysis: A globetrotter's guide to cyber crime

Is it as simple as pointing the finger at China, Russia and the US?

 

In the world of cyber crime it is very easy to get drawn into the stereotypes that are commonly bandied about regarding who does what. 'The Chinese', 'The Israelis', 'The Nigerians' and 'The Russians' are often talked about in grossly generalised terms, sometimes underpinned by hard fact, sometimes not.

 

The most important factor in understanding the limitations of such generalisations is that malware and hack attacks can be launched from anywhere and by anybody. Likewise we have to be aware that criminals will go to great lengths to obscure their tracks.

 

So drawing a definitive map of cyber crime is therefore far from an exact science and assuming any one country has sole rights to any one crime would be a mistake. Cyber crime is truly a global problem.

 

Yet despite all this there are still some clear regional trends, though this is a far from comprehensive list.

 

The US

 

With a high number of internet connections and a rich history of web- and computer-literate criminals, the US is understandably the major focus for much of the discussion into the current global problem of cyber crime.

 

For example, according to Spamhaus, the US is not only responsible for more spam than any other nation, it is actually far worse than the rest of the current top 10 put together. Though much US spam has traditionally travelled via China, the US does certainly harbour some of the most prolific spammers in the world, as well as the world's three worst ISPs for relaying spam, says Spamhaus.

 

That ISP figure points towards a hidden menace which further blurs the boundaries of cyber crime - the sheer number of PCs that have been compromised and are churning out spam and malware unbeknownst to their owners. The most recent figures from MessageLabs suggest almost one-fifth (18.1 per cent) of all compromised machines are located in the US - and it's a fair bet, based on recent police investigations, that many of those doing the infecting are also US-based.

 

This isn't to say that compromised PCs - or botnets - are solely a US problem, far from it. Criminals care little for where their botnets are located, as long as they are connected to a broadband connection which can be abused.

 

The US also accounted for about one-fifth of internet attacks and probes last year, according to figures from Kaspersky Labs. It was second only to China.

 

 

China

 

China leads the way in terms of originating internet attacks, accounting for just over one-quarter of all reports last year of internet attacks and probes, according to Kaspersky Labs. The country also has a reputation for relaying large quantities of spam.

 

China boasts a huge population and a rapid rate of internet adoption. As connections to the internet grow and populations become more web savvy, those countries with the largest populations will naturally represent an ever-larger threat in proportional terms. It is a numbers game to a degree.

 

Of course China will originate more internet attacks than the UK, for example, but then it has double the number of internet users already. However, the severity of China's internet crime problem is greater than the UK's by an order of magnitude far in excess of double.

 

The country's mechanisms for dealing with the problem and its government's willingness to address the issue are also at a less mature stage than other countries. Such factors make the process of understanding the scale of each country's liability difficult and make comparisons largely impossible.

 

Russia and the Baltic States

 

Despite the popular myth that 'The Russians' are the greatest threat to internet security, Russia accounted for only two per cent of internet attacks and probes last year. That puts the country down in sixth place, according to Kaspersky Labs, supporting security expert Eugene Kaspersky's understandably patriotic debunking of this theory.

 

The eponymous founder of Kaspersky Labs blames the stereotype on the American media, suggesting propaganda and political point-scoring has done little to paint a clearer picture of which countries are responsible for what kinds of attacks.

 

Nonetheless, the reputation of Russia and the Baltic States has certainly been tarnished in recent years by a growing trend towards blackmail with threats of denial of service attacks. And while this is in no way unique to these parts of the former Soviet Union as all crimes, if successful, will develop a global appeal - experts claim it is a crime that was pioneered in the region - though targets were often based in the US or Western Europe.

 

 

Europe

 

 

Europe like the US plays a twin role in the world of cyber crime - as the home to perpetrators but also as a common victim. It makes sense that many of the countries with the most attractive economies will attract criminals who are increasingly spurred on by a financial incentive. And so it has proved.

 

Europe also has a very active hacker network and recent years have seen a number of European virus writers arrested in relation to serious attacks. Perhaps most famous of all is Sven Jaschan, the German teenaged writer of the Sasser virus. Another famous virus - as much for its social engineering as for its payload - was the Kournikova virus whose Dutch author was arrested in 2001.

 

And high-profile arrests are just the tip of the iceberg. Criminals within a number of accession countries to the EU have been linked with crimes such as denial of service attacks as well as the distribution of malware.

 

As with the US, Europe is also guilty of relaying a great deal of malware infections via unguarded home PCs and large ISPs, though this may see Europeans cast as the 'mule' rather than the criminal at source. France, Germany, Italy, Spain and the UK are all in a recent top 10 of nations originating Trojan infections, which may be unwittingly spammed out from infected botnets.

 

Developing world

 

By mid-2006, the penetration of the internet will have reached almost all corners of the globe and every country which has connections to the internet will have individuals within its population who will try to exploit this connectivity in a criminal manner. It has nothing to do with a country's 'national characteristics' and everything to do with the fact that a small percentage of any population will always turn to crime.

 

For some in the developing world internet crime will offer something of a level playing field as they attempt to bridge the iniquities of the world economy.

 

Take West Africa, which has become synonymous with electronic fraud in the wake of so-called 419 email scams and other internet-based fraud originating from Nigeria.

 

Many of these scams are crude but it's reasonable to expect them to follow the same learning curve of increasing sophistication that other areas have witnessed. And, just as it would be na?ve to assume Nigeria is the only area involved in committing 419 scams, it is wrong to assume that other forms of cyber crime aren't also being committed there.

 

South America

 

South America has seen many instances of website defacements and although these are a worldwide problem it is certainly a hotbed for this type of activity.

 

At one time there was a spate of such attacks coming out of Brazil and the country still has a very active hacker community.

 

Middle East

 

In less politically stable regions, such as the Middle East, we have seen several websites vandalised as well as sites defaced with a political message - often called 'hacktivism', though this is small scale and lacks the severity of impact that other attacks have.

 

Also in the Middle East there is a strong growing association between Israel and the use of spyware. Similarly the use of Trojans and other spying technologies appears to have found some popularity in Israel but again it is far from unique to the one country.

 

 

 

In conclusion, while it is worth identifying the most obvious and most serious trends in global cyber crime, we must realise it is never going to be as straightforward as assuming the battle lines are drawn as clearly as the national boundaries on the map.

 

Cyber crime is a global problem, requiring global co-operation which is currently almost non-existent. Because, in all of this the only other given - besides a human predisposition towards crime - is that criminals will choose the path of least resistance, picking territories with the weakest legislation and the slightest chance of being caught.

 

It doesn't matter where they live or what it says on their passport, a minority of people will try to find a way to commit crimes wherever and against whoever they believe will be most profitable to them.

 

 

 

Silicon.com

[Eldmannen]

Well, one problem is the nigerians. They spam hell alot. About "HI I AM THE SON OF PRESIDENT OF CORRUPT GOVERMENT, MY FATHER WAS THROWN IN PRISON, THEREFOR I SEEK YOUR ASSISTANCE TO TRANSFER A ZILLION MILLION BILLION DOLLARLS! IF YOU HELP ME YOU WILL GET 35% OF IT."

 

Then there are the general population (especially the dumb ass AOL users) who click on every single banner that says "FREE SMILEYS", "FREE SCREENSAVER!", or "YOU ARE VISITOR NUMBER 100 MILLION, CLICK HERE TO CLAIM YOUR PRIZE!", not to mention opening all e-mail attachments from strangers with titles such as "Britney_Spears_Nude.jpg.com".

And get massinfected with spyware, malware, and various bots used for spamming.

[zaphirer]

Not like my aunt. "Your computer has been infected with spyware. Click here to scan."

 

 

"Okay!"