Monday, September 28, 2009

CYBINT in the business of Russian cybercriminals

Those who follow this blog, even sporadically, will have noticed that for most of this year I have devoted most of my posts to bringing to light many of the applications from Russia's flooded black market, where all types of crimeware are available to professional cyber-criminals (botmasters, spammers, phishers, "cyber-terrorists?", etc.), without neglecting the candidates seeking to become high-ranking offenders.

In this sense, time allows us to witness how this illegal industry is fueled heavily by Eastern European countries (particularly Russia), China and some Latin American countries led by Brazil. However, the flow and the attention are focused on Russia and, as I said at some point, it reminds me of the world Gibson describes in Neuromancer, where the illegal trade in malware takes place in the dark streets of the suburbs.

Perhaps, as I did at some point, many will wonder: whatever the type of crimeware involved or the motivations of the cyber-criminals (the main one has an acronym: USD), who is behind this?

If we consider that these programs are sold as part of a dark business within an industry that operates from the underground (RBN - Russian Business Network), made up of cells that carry out well-organized fraud via the Internet (e.g. Russian scammers) and corporate espionage (hiring hackers), among other things, it's easy to see that everything has a mafia connotation. And if we go deeper into the origin of the Russian mafia, we easily conclude that it was conceived by former agents of the KGB (the intelligence service of the former Soviet Union).

In fact, it's estimated that this criminal network, with its former agents of what was the KGB, has on more than one occasion worked in conjunction with the FSB (Federal Security Service of the Russian Federation), the successor to the KGB.

What do I mean by this? Although what I write may seem extreme, we live in times in which we witness virtual conflicts involving certain countries. The kind of computer attacks we see in Hollywood movies, a little exaggerated, have in recent years moved from fiction onto the real-world stage, and in this sense CYBINT (Cyber Intelligence) plays a fundamental role.

For example, there are more and more cases of defacement which, although not new, make news when they affect the availability of government websites, and these form the heart of the cyber-warfare of the moment. DDoS (Distributed Denial of Service) attacks carried out through botnets, such as the one suffered by the website of the President of Georgia during the conflict with Russia (the Russians actually have a couple more to their name: Estonia and Lithuania), are clear examples of actions that seek to complement operations at the military level.

What is striking about cases like those mentioned in the preceding paragraph is that they make it fully evident that there is advance planning and coordination, which is nothing other than an intelligence plan. In the case of defacement, although it may seem trivial, we could say that within the conflict it is part of the psychological operations that seek to weaken the morale of the opposing side.

However, other less trivial aspects are also part of the intelligence plans, and they are generally carried out through technological resources, e.g. attacking the availability of telephone networks (COMINT), interrupting satellite signals and attacking other networks (SIGINT), including public ones, and affecting people's confidentiality by means of malware.

Against this backdrop, the RBN, one of the biggest cyber-criminal organizations operating on the Internet's infrastructure, is the base from which many malicious actions are committed from Russia (though there is a strong rumor that the RBN is migrating its operations to China), channeled into pedophilia, pornography, the commercialization of crimeware, malware, phishing, botnets and more.

This really shows that the aspects surrounding cyber-crime are controlled and operated by a mafia in which Russian cybercriminals make up one of the most important pieces in the development of the crimeware industry globally, and as we can see... anything goes and everything merges into everything...

Related information
Computer Intelligence, Information Security and Cyber-Warfare
Russian crimeware prices. Part 2

Jorge Mieres
