Commentary: Solving Internet Crime Needs International Approach
Governments have made cyber-crime a matter of public policy. But without an organized, multi-disciplinary, international approach, the problem will remain.
It is well known that the Internet presents a potential threat to any system connected to it. The precise damage inflicted on home computer users and businesses since the first computer virus appeared is unknown. However, approximate figures from the business community estimate that cyber-crime costs the global economy more than $10 billion every year. Such significant losses mean that measures must be taken to combat the threat, at a governmental as well as a corporate level.
Many countries are now paying a significant amount of attention to the issue. The creation of the “anti-virus police” in China bears witness to the fact that some countries do perceive cyber-crime as a direct threat to national security. Other countries with similar levels of technological sophistication also wish to secure their Internet space, even if only within the geographic boundaries of the country. In spite of the many difficulties associated with detecting the source of threats, many such operations succeed in neutralizing them. Following September 11, for example, the U.S. government started to seriously address a variety of security issues, and an official report on the battle with high-technology crime was recently published.
According to official statistics, the large number of operations undertaken in 2003 to root out Internet crime bore fruit. Pain-staking research led to 125 people being brought to justice. Those arrested ranged from rank-and-file software pirates, who had simply decided to take a piece of the software developers’ pie, to genuine criminals. One of the latter came to the attention of the police and the FBI after he advertised the sale of a Congressional Medal of Honor. Another was sentenced for breaching the Al-Jazeera site; an act that might be viewed as patriotic but is still illegal. The operation also uncovered an enormous number of victims of cyber-crime:125,000 people had lost more than $100 million in all. Given the significant difference between the number of those arrested and the number of victims, it seems clear that the American government did not succeed in determining all sources of threats throughout the country.
Other countries have also conducted successful operations against cyber criminals. A lengthy investigation of a hacker site in South Korea resulted in the arrest of two people, one of whom turned out to be the leader of Wowhackers, one of the most notorious hacker groups in the country. This group terrorized government and commercial organizations for more than three years. The group leader, a 24-year-old surnamed Hong, founded the group in May 2000, with group members drawn from the winners of domestic and international hacking competitions.
The group was organized along organized crime lines, with the two group leaders directing 17 highly experienced hackers. Each of these 17 supervised up to 20 less-experienced cyber-criminals, or “handlers,” who in their turn oversaw the work of several hundred hacker site users. Strict discipline and the highly organized nature of the group made it possible to hack the servers of more than 90 government offices and private firms and steal personal information from more than 2.6 million people. This information was then placed on the hacker Web site. The group was so professional that it was necessary for the police to check if the information had been used to commit more traditional (“non-cyber”) crimes.
In general, the traditions of cooperation in the Asia-Pacific region create an atmosphere conducive to cyber-crime. Such crimes occur frequently. By the end of September, 52,000 cyber-crimes had been registered in South Korea, and it seems unlikely that this figure tells the whole story.
While these examples focus on just two countries, they illustrate the general trend towards increased cyber-criminal activity. This is confirmed by analysts from Internet Security Systems, a company well known for its research into electronic threats. According to its statistics, the number of computer security incidents rose by 15% in the third quarter of 2003. This increase was mainly due to an increased number of hacker attacks. Experts believe the increased number of attacks is due to the fact that hackers need less time to exploit known vulnerabilities in software. Vulnerabilities in most popular programs undoubtedly stimulate hacker attacks. For instance, 725 vulnerabilities were discovered in this same period, and the amount of malware was up 26 percent from the previous quarter.
The increase in malicious activity is attributed to many factors, ranging from the presence of vulnerabilities in software to the wide availability of computers. Even experienced analysts fighting cyber-crime fall into this trap, forgetting about the main cause: the fact that users are anonymous. Even an elementary system of identification would mean that the search for a cyber-criminal would be a matter of seconds, and a user’s details could be used as incontrovertible evidence of criminal activity.
That the battle against cyber-crime is now a matter of government policy in many countries is undoubtedly praiseworthy. However, without an organized, multi-disciplinary approach to the problem on a global level, no solution will be found.
Eugene Kaspersky head of Anti-Virus research at Kaspersky Lab. He is a member of the Computer Anti-virus Researchers' Organization
(CARO), among whose members are the world's leading anti-virus experts.