Chief of “K” department is interviewed on cyber-crimes
Date: May 12, 2003
Russia is famous for its “computer geniuses”, in both the positive and the negative sense. The entire world speaks about “Russian hackers”. However, Russia’s cyber-police are equipped far worse than their foreign colleagues, let alone their professional opponents, and normal financing is out of the question. The work of domestic cyber-police officers has little to do with the image of highbrow “anti-hackers” presented in thrillers and detective literature. It is an ordinary police officer’s job, including secret service work, interaction with other departments and so on. Dmitrie Chepchugov, chief of the Moscow “K” department, told “Vedomosty” about effective ways of fighting cyber-crime under present conditions.
What are the main directions of “K” Department activity?
Three main directions fall within the exclusive competence of our department. First, everything connected with computer crimes: breaking into computer systems, stealing passwords or money through the Internet, spreading computer viruses and other detrimental programs, and so on.
Second, phone crimes: obtaining unauthorized access to telecommunication networks and organizing illegal call offices.
Third, illegal use of special technical hardware: various devices designed for unauthorized surveillance and disclosure of private-life secrets.
Now more and more crimes are committed using the Internet. We have to fight against distributors of child pornography, makers of sites specializing in slander and discrediting materials, and so on. Once we arrested a murderer offering his services on the Internet.
We help our colleagues from other departments. Our officers carry out technical expert examinations and gather the evidence required to detect various crimes that at first sight seem far removed from computer technology.
What are the features of computer criminals’ psychology? What distinguishes them from their “offline colleagues”?
Nothing. Criminals are criminals irrespective of the methods used. From the standpoint of psychology, computer criminals can be divided into three groups. The first, and the most numerous, includes “cool hackers”: children and teenagers who saw something, tried it and do it to satisfy their curiosity. They steal Internet access passwords, break the protection of computer programs, and change the contents of web sites.
People with a broken mentality, dissatisfied with their status, and those who have not found their place in life belong to the second group. While improving their hacking skills they assert themselves in the virtual world and are capable of performing the most unpredictable actions.
The third group consists of professional criminals. They are easy to deal with. They clearly realized what risk they would run and that is why they will completely get out of a difficulty. They should bear responsibility maximally adequate to the offense committed. Nobody incites them to crime.
Imprisonment is rather contraindicated for the first category of hackers, because they can become real criminals when they find themselves in a delinquent environment. However, it can be useful for the second one. First, they will cause less damage. Second, some changes can occur during their isolation.
Are there any recidivists among hackers?
Repeat offences are mostly characteristic of the third category. The second one is known for a single case. A second offence does not take place in the first category because everything is restricted to suspended sentences.
What are the ways of arresting cyber-criminals? Are they similar to those used by ordinary police officers, or to those shown in modern thrillers and known as “hacking methods”?
We use no hacking methods, for two reasons. First, they are illegal. Second, hacking methods cannot be used in our work. We use professional software, whereas hacking programs can contain Trojan horses and other detrimental insertions. All the sophisticated hacking programs are known to contain a Trojan or another spy. They are downloaded from free sites, but free cheese is to be found in the mousetrap. It means that this software is crammed with various dirty tricks.
When downloading these programs, the user thinks that he is a cool hacker, but a really cool one has inserted some detrimental additions there. As a result, his access password, other confidential information or money is stolen.
Those who think that we use only technical procedures are wrong. At hackers’ conferences one often hears: “I’ve used proxy-server software and they will never catch me”. We work not only with technical procedures for detecting crimes but also with the whole spectrum of search activities.
If wide-forehead boys with great knowledge of computers were here, we might not detect any crimes. There is a law on operative-search activity covering all kinds of this work, cooperation and so on. No real professional will reveal his tactics to keep his own job and not to study the “opposite party”. Our personnel consist of operative officers and people with higher technical education. Technical methods are used in many other ones but they do not dominate.
How would you describe the situation with cyber-crimes in Moscow and other regions?
Up to 50% of all Russian computing capacity is concentrated in Moscow. Up to 80% of financial turnover, including electronic trade, is centered there as well. That is our specificity. All these crimes are committed throughout the country. However, villains from the whole country try to work through Moscow’s resources, so we have to spend our energy mainly on aiding our colleagues from other regions. The first category of “cool hackers” is of a variable character. Many of them come to study in the capital and start playing mean tricks here.
Do cyber-crimes have any typically Russian features?
Russia’s specificity is very simple. Abroad, incomes are incommensurable with the cost of all hardware and even software. There a person can purchase Windows for $300. Here people cannot afford it.
There are slow city phone networks. The allowed line is very expensive to pay for, and people with high intellect have to solve this problem in their own way. As a result, we have to identify these persons and institute proceedings against them. To tell the truth, they gain sympathy because these are students, graduate students, young intellectuals or housewives who badly need the Internet. Families with low incomes cannot spend their money on such a pleasure. What is left for a youth with a good education but a primitive computer purchased for $100 to do? He has no choice but to start violating laws. This does not concern people engaged in stealing money through the Internet, but those buying stolen software or obtaining illegal access to the global network and so on. This problem should be resolved not only by law enforcement agencies but also socially. This kind of crime will disappear as soon as the standard of living rises adequately. People will have fewer problems if they purchase these products and services for money.
Could you give any advice on preventing computer crimes, other than the general phrase “people, be watchful”?
If you really worry about your computer, you should buy a second, removable hard disk (Winchester). The operating system should be on the first, main disk, but all information valuable to you should be stored on the second, removable one or on another data carrier. When going onto the Internet you should remove this carrier and put it aside. There is a joke: the safest computer is one that is switched off. It can be paraphrased: the most secure information is information that has been removed. When somebody comes to you and you do not want documents to stay on the table, you put them into the drawer; otherwise, he can read them over your shoulder. It is the same case here. You should physically remove information. It is clear that this concerns private users, because firms have expensive information protection systems.
If you have a handset with a radio-pad, you should be ready to waste money. All these phones are open gates for delinquent persons. It is like leaving your flat door open when going to work and, after returning home, asking yourself: “Where are my things?”. DECT phones have relatively high protection. The probability of a pirate connection is extremely low. DECT means a tightly closed metal door. People who cannot do without handsets are advised to use this standard.
As to wire phone piracy, the absolute protection is to cut off the long-distance network.
Concerning electronic espionage, special equipment has no color, taste or smell, so you should pay particular attention to situations when something strange happens around you. For example, people that you did not expect to see come to your place. All these odd events can be used to bring in special devices. If you suspect that somebody is bugging or spying on you, you have the right to apply to the territorial agency of internal affairs. The primary information will be checked there and then, if necessary, passed on to us because we are equipped with the required technology. One can give a universal piece of advice: if you do not infringe the law, nobody will bug you.
Dmitrie Chepchugov has worked in Moscow’s State Agency of Internal Affairs since 1976. He began his career as a technical expert at the Special Technique and Communication Department. In 1980, he graduated from Moscow State Teacher’s Training University. In 1983, he was transferred to the newly organized USSR MIA “R” Department, where he worked until 2000, holding different posts (in the last years, chief of department). In 2000, he was appointed chief of the newly formed Moscow SAIA “R” Department.
USSR MIA “R” Department was set up in 1983. From its foundation, it had the status of a special service. The letter “R” was the code designation of this department in the personnel structure of the special services and, according to many people, has little to do with radio-electronic warfare. The department functioned as the MIA technical security service, protecting its computer and telecommunication systems from outside penetration. In 1998, “R” Department was deprived of its special service status because of changes in the legislation and incorporated into the structure of law enforcement agencies. Moscow SAIA “R” Department was organized in 2000. The corresponding department of Russia’s MIA was renamed the Cyber-crime Fighting Department, or “K” Department.
Computer Crime Research Center