Computer Crime Research Center

staff/gva2.jpg

Cyber-crimes - Analytical data compiled

Date: January 03, 2008
Source: Computer Crime Research Center
By: Vladimir Golubev

1.Russian Federation

1.1. On July 4, many users of Runet (Russian Internet) received an e-mail that their Yandex-money account was blocked allegedly sent by Yandex officials. Webplanet workers received the message too. It was proposed to enter the website www.money.yandex.ru and enter personal data used to access the payment system to unblock accounts.

The fraudulent message and fake website were designed in Yandex corporate style. Though some symbols were distorted in the e-mail. Thus the message looked like unkempt and doubtful. Dp.ru informs that only one user took the bait. He entered login and password at the fake website. After turning to security service of Yandex-money the account was blocked, scam artists did not managed to get the money. Most of 24 fraudulent websites were closed. Now Yandex works on shutting down the rest and collects the evidence on scams to bring it to law enforcement.

Two months ago users of Yandex-money encountered the same phishing scam. Then is was more qualitative, messages were more neat, the address of the website looked like the original - yanclex.ru. Kaspersky Labs warned that there would be a boom of phishing in Russia. It happened in Europe and the US four years ago. Besides, Russian phishers are considered to be the most dangerous.

1.2. The Ministry of Internal Affairs of Russia prepared new drafts of laws concerning fight against cybercrime. Special Technical Measures Bureau, the most restricted department of the Ministry was the major developers of the proposed laws.

Deputy chief of the Special Technical Measures Bureau, major-general of police Konstantin Machabeli told about counteraction to using the Internet for terrorist, extremist purposes and other actual problems.

What are the most topical problems in the sphere of computer crime?

I will underline that almost all crimes, even general crimes are revealed with our help. It is possible to say that we are in the front row of fight against crime, we carry out innovative work for criminal police. At this, all special technical measures are conducted in strict accordance with law, without infringing rights and liberties of citizen. In regard to crimes in the sphere of information technologies, 15 thousand of computer crimes were filed in the last year, 8400 crimes were registered in the first half of 2006.

Late in 1990s were revealed 10-12 crimes annually, those crimes were mostly rowdy. Now two thirds of them are related to stealing information and unauthorized access to this information. Objects of infringements, sizes of damage incurred and possible consequences changed. Lets imagine consequences of hacker attack on objects of so-called critical infrastructure. Depiction of a criminal changed as well. Today crimes are committed by organized criminal groups or separate advanced persons. It is necessary to admit that late in 1990s the analysis of criminal situation in Russia let law enforcement to adequately respond the new threat.

A new 28th chapter appeared in the criminal law foreseeing responsibility for crimes in the sphere of high technologies, later punishment for child porn was introduced as well. At the same time a department “K” was created at the Special Technical Measures Bureau of the Ministry of Internal Affairs of Russian Federation.

Regional departments of the Bureau are working on fight against computer crime, illegal distribution of radio electronic and special technical means, scams in the sphere of electronic payment systems.

What cybercrimes are committed most often?

- Extremely variable computer scams: fake proposals of goods and services, hacker attack services, scams related to payment cards and accounts of electronic payment systems. 450 crimes were countered last year. 43% of victims are users of online auctions who prepay very low price goods. The other crimes are related to so-called black brides. Such crime was revealed by our officers this spring. Group of fraudsters on behalf of a girl-inhabitant of Yoshkar-Ola engaged a messaging with a German engineer who searched for a bride on the Internet. Scam artists sent a picture of a famous ballet dancer Anastasiya Volochkova. They using different pretexts fished 26 thousand EUR out of the future groom. Then the bride vanished. After the engineer informed the local department “K”, the group of nine scam artists was revealed.

The number of fake deals through the Internet shops is growing, where the payment is processed by the systems of WebMoney. New methods of electronic blackmail appeared. For example one airlines company received an e-mail threatening that terrorists would blow their airplane if the stated in the e-mail sum wasn’t transferred to the stated account. Our officers managed to find and arrest criminals quickly, besides they were in the other region. They were punished. Not all frauds are committed with the help of the Internet.

Last time, blackmail over cell phones acquired large scales. One scam artist called the victim chosen before and told that his relative became the participant of car accident with lethal consequence, but the investigator could burke the case for some sum. Accomplice is an intermediary, the money should be brought through him. There are some other ways: money transfer, payment cards. People plunged in grief often give thousands and tens of thousands USD. Mostly con artists are former or present convicts, acting through free accomplices. These people often manage to insinuate theirselves into victim’s confidence. Recently we disclosed such group counting five recidivists.

These criminal incomes form a collective criminal cash fund. We have already developed an algorithm to reveal malefactors. As the percentage of revealed cases grows, these crimes will less profitable and in some time disappear. Such trend was with backstreet units of phone telecommunications.

What does the term cyberterrorism mean?

First of all we mean use of Internet to recruit new members, placing information targeted on stirring up national hatred and racial intolerance.

Mostly support of terrorist and extremist websites is carried out from abroad. 85% of such resources are not within Russia. It is very easy to create a website in any country. It takes about 50 minutes and some money. It is possible to register the website at any name and to place on it any information. For example it is possible to find websites offering hitman services, saying nothing of ways to produce drugs and bombs.

How to fight it?

Unfortunately, there are some problems with law in this sphere. Today there are no rules on placing information on the Internet. If we find terrorist and extremist websites in Russia we turn to ISPs warn them and ask to take measures to restrict access to such data.

Usually ISPs do it, therefore our bureau obtains necessary means to block such websites, but there is no law prescribing such procedure. In this relation the agency’s hands are tied. However we introduced a row of legal initiatives concerning similar problems to the State Duma, with which we tightly cooperate.

I won’t dwell on them, let me bring only few offers. For example we would like to exclude anonymity when signing agreements on telecommunication services with ISPs. Besides according to the Communication Law of the Russian Federation, the agreement should contain an obligatory clause prescribing that the ISP may unilaterally terminate an agreement basing on the motivated written ruling of law enforcement.

Fight with cybercrime means tight international cooperation, doesn’t it?

Undoubtedly, the pledge of successful disclosure of such crimes in relation to their international character, speed of evidence existence is a timely exchange of information. In 1998 a special communication unit to exchange information with other countries was created at the Bureau. It works 24 hours a day, 7 days a week.

Officer of the special unit from the one country may at any time of the day communicate with the same unit in other country and obtain or give data necessary for investigation. These units work in 45 countries and their number will grow. Their efficiency is proved by numerous successful joint disclosures.

A case in Irkutsk is the latest example. A criminal group placed child porn on the web. They had hardware totaling more than 200 thousand USD. They chose children for shooting in unfortunate families and orphan asylums and then places movies in the Internet. Let me underline these crimes are not typical for the Russian Federation, almost 90% of such websites are hosted abroad.

A first international conference on cybercrime and cyberterrorism with 200 specialists from tens of countries in the history of Russia was organized and held. The participants were law enforcement, scientists, representatives of the UN, European Council and other bodies. The Russians proposed three projects: Clean web, Clean code and Clean connection. Clean web is to fight illegal use of the Internet for the terrorism purposes, joint revealing of extremists’ websites and counteraction to their activities. Clean code is designed for international cooperation to fight computer fraud that causes tremendous damage to citizens and businesses. The purpose of the Clean connection is to maintain new level of networks of law enforcement.

Is your election as a member of Interpol council a recognition of importance...


Add comment  Email to a Friend

Discussion is closed - view comments archieve
2008-01-04 17:14:14 - My name is Fima Estrin and I live in... Fima Fimovich
Total 1 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo