Notorious or desperate? Economic woes encourage fabled 'Khackeri'

[InfoSec News <isn () C4I ORG>]

http://www.uniontrib.com/news/computing/20001118-1006-russia-hacke.html

November 18, 2000

MOSCOW While the international space station brings new renown to
Russia, the nation is gaining a darker sort of notice from other
explorers the hackers who launch into cyberspace.

Russia's reputation as home to some of the world's most gifted and
devious hackers was underscored last month when Microsoft Corp.
disclosed that passwords used to access its coveted source code had
been sent from the company network to an e-mail address in St.
Petersburg.

It is by no means clear whether a Russian was behind the break-in that
e-mail account could have been managed remotely. But that doesn't stop
Russian hackers "khakeri," or "vzlomshchiki (house-breakers)"  from
puffing out their chests at such exploits.

In a recent poll on a hacker-oriented Web site, 82 percent said Russia
had the world's best hackers; only 5 percent said Americans were
better.

But the bravado is laced with frustration.

Hackers are motivated as much by a lack of opportunity in economically
struggling Russia as by criminal leanings, people inside and outside
the hacker community say.

Sergei Pokrovsky, editor of the magazine Khaker, said that hackers in
his circle have skills that could bring them rich salaries in the
West, but they expect to earn only about $300 a month working for
Russian companies.

Russian higher education traditionally has been strong in mathematics,
a skill at the core of hacking, but the Russian market offers few
employment opportunities to such knowledgeable people, said Mikko
Hypponen, manager of anti-virus research at the Finnish company
F-Secure.

"They have too much time on their hands," said Hypponen, whose company
highly values the Russian computer experts it employs.

Russians have been behind several high-profile and sometimes highly
lucrative hacking cases. There was the cyberthief known as 'Maxus' who
stole credit-card numbers from Internet retailer CD Universe earlier
this year and demanded a $100,000 ransom. When denied the money, he
posted 25,000 of the numbers on a Web site. Maxus was never caught.

Mathematician Vladimir Levin was caught and in 1998 was sentenced to
three years in prison in Florida for a stunning invasion of the
Citibank system in which he pilfered $12 million by transferring
digital dollars out of the bank's accounts.

Russians are also believed to be behind the 1998 theft of Global
Positioning System software, used for missile-targeting, from U.S.
military computers .

Russian companies occasionally fall victim to hackers, too. Last year,
hackers got into the computers of Gazprom, the Russian natural gas
monopoly that also supplies much of Europe and took brief control of
the central supply switchboard; officials wouldn't say whether there
were service disruptions.

Incidents of avarice and meddling in critical computer systems have
raised concern that some hackers who hail from Russia are affiliated
with its extensive organized-crime groups.

Pokrovsky, for one, rejects such speculation.

"Nonsense, complete nonsense," he said. "For example, I personally
know Maxus and he isn't in any crime group. He's a very good
specialist who understands systems very well."

The psychology of hackers can be as elusive as their identities,
however. Of course some say their actions are just an offshoot of
exuberance, that they are chiefly benign interlopers.

Take the hacker known online as NcRoot. He says his first name is
Alexander and that he's a 17-year-old student interested in Web site
design.

"Sure, there may be people who do this for the sake of money and who
have small salaries," he wrote in response to e-mailed questions,
saying he believed most Russian hackers do it for the challenge of
exposing security flaws.

"Fix in your mind, we just want to help you," a hacker group wrote to
the Webmaster of an online music site they hacked into this year.
NcRoot was among the hackers.

While it's impossible to estimate the economic damage Russian hackers
may inflict through theft and mischief, indicators suggest the sums
are enormous. Many of the Internet's so-called "warez" sites, in which
pirated computer software is made available, are set up by Russians.

A study by the Business Software Alliance, an international industry
trade group, said that in 1999, pirates cost software makers $165
million in legitimate revenues. The study said 89 percent of business
software distributed in Russia that year was pirated.

Law enforcement efforts have been weak.

The Interior Ministry division specializing in computer crimes said
this year that 200 arrests were made in the first three months of the
year, up from just 80 in all of 1998. But that rise could reflect
increased police effectiveness rather than a growth in crimes.

"It means we are getting better and better," said Anatoly Platonov,
spokesman for the Interior Ministry's "Division R," which handles
computer crimes.

Platonov did not provide many specifics, however, such as how many
people work for the computer-crimes division.

There is a wide belief that Russian law-enforcement is being left in
the dust by hackers.

"This is first of all because of a lack of resources. There aren't
enough qualified police," said Denis Zenkin of the Russian computer
security company Kaspersky Labs.

Those police who are active nonetheless get some grudging recognition
from the hacker community.

"These are professional guys," Pokrovsky wrote in Khaker last year. "I
fundamentally changed my opinion of them after I knocked into them
face to face."

Computer experts generally agree that weak laws are to a large degree
to blame as well.

Pokrovsky, meanwhile, worries not so about hackers committing crimes
as being co-opted by institutions that can impede individual
liberties. He is convinced that some hackers work with Russian
intelligence agencies.

Hypponen said Russian hackers need to be concerned about negative
stereotypes.

Although his company has recruited workers from the Russian talent
pool, "some customers are uneasy about having development done by
Russians," he said.

On the Net:

Hacker website with English section: www.hackzone.ru.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".