Stefan Tanase, senior security researcher, EEMEA, Global Research and Analysis Team (GREAT), Kaspersky Lab, at the security firm’s cyber conference today, urged the audience to remember that while cyber warfare was the focal point of discussion during the course of the event it’s equally formidable cousin cyber crime should not be forgotten.
“The tools that were traditionally used by cyber criminals triggered nation states into realising that the very same tools and codes could be used to protect or reinforce the country’s cyber defences. Therefore, today we are witnessing the next stage in evolution of cybercrime in the cyber arms race for good or bad, only time will tell,” Tanase said.
Tanase added that while international governments have not announced the presence of cyber defence mechanisms there is no doubt that government agencies across the world are heavily investing in the latest and the most advanced technologies for espionage and other military defences.
In addition, Tanase discussed the apparent evolution of cyber criminals across the globe.
“It is plain to see that cyber criminals have evolved from individuals orchestrating ad hoc attacks to sophisticated groups of technically trained hackers and hacktivists with intended targets and ready exit strategies. 2012 marks the year when cyber crime hits maturity, as we see increasing numbers of these groups operate like business entities through reinvesting their profits in exit strategies or legal business operations,” he explained.
Tanase cited the example of Kim Schmitz, the founder of Megauploads, a Hong Kong-based file hosting and sharing business. “Schmitz founded Megauploads in 2005, prior to which he was sentenced to a probationary sentence of two years for computer fraud and handling stolen goods in 1998. Up until his recent arrest for copyright infringement, Schmitz made profits amounting to US $50 million a year,” he said.
Although law enforcement and international regulations aimed at apprehending and prosecuting cyber criminals is gaining ground, Kaspersky’s Tanase believes that there is yet a long way to go.
For instance, Tanase said that the “name and shame” strategy albeit justified often hinders law enforcement and criminal investigations.
“When Facebook announced information related to the operations of the Koobface Gang early this year, they intended to warn users about the tactics used by five men through online schemes on social networks to appropriate several million dollars. What they did not realise was that this disclosure gave the perpetrators an opportunity to quit all activity and make a fast getaway. The men are yet to be found and prosecuted for any criminal charges. The group are said to have made approximately US $2 million a year,” Tanase said.
“The Koobface Gang’s freedom summarises how difficult it is to apprehend international cyber criminals, even when their identities are known. These groups tend to operate in countries where they can work unhindered by the local authorities, and where cooperation with international law enforcement agencies is poor. On the other hand, international agencies are overwhelmed by reports of cyber criminal activity and lack the resources and skilled manpower to tackle it effectively. Therefore, it comes down to organisations like ourselves to help monitor and track the movements of these groups to help make their jobs just a little bit easier,” Tanase concluded.
The Kaspersky Lab Cyber Conference, 2012: IT Security in the Age of Cyber Warfare continues through tomorrow, the 8th of February, 2012 at the Ritz Carlton, Cancun, Mexico. Pallavi Sharma, assistant editor, CNME is reporting live from the conference. For live tweets from the event, follow @ComputerNewsME or @PallaviSharma5. More details on the conference and its participants will be available in the next issue of CNME.