Zone of protection: Hacker havens
To what extent is state-sponsored cybercrime extending the protection for hackers who operate outside U.S. borders? Karen Epper Hoffman investigates.
Zone of protection: Hacker havens
Increasingly, cybercrime is not just being perpetrated by hackers and syndicates within U.S. borders, but those that operate outside them. And, many of the countries where these online attackers operate are either actively supporting them, or at the very least, allowing them to thrive and perpetuate their crime. “Russians, for example, turn a blind eye to a lot of crime, they have a more permissive attitude toward organized crime,” says Gary McGraw, chief technology officer at Cigital, a software security firm based in Dulles, Va. “The government looks the other way.”
Russia and a number of countries in Eastern Europe initially emerged as hacker havens – areas of the globe where cybercriminals could ply their trade without worrying that the government or state law enforcement would crack down on their work, or expend much effort to extradite them to the United States or other countries that would penalize or jail them. Why here? Eastern Europe has been a haven for cybercriminals since the internet began, according to Rick Howard, chief security officer at Palo Alto Networks, a network security company based in Santa Clara, Calif. “Many of these countries have excellent engineering schools [and] when the wall came down in 1989, there was no work for these brilliant engineers,” he says. “Some of them went into cybercrime in order to make a living. Some organized crime factions scooped these technicians up to add cybercrime to the portfolio.”
Johannes Ullrich (left), dean of research for the SANS Technology Institute (STI), which educates managers and engineers in information security practices and techniques, and chief technology officer of the SANS Internet Storm Center, a division of STI which keeps track of malicious activity on the internet, agrees that Russian and eastern European cybercriminals often work together, creating “a strong criminal infrastructure… with a good range of technically savvy individuals.”
But the threat is no longer isolated to a single region, or even a single class of nefarious groups. In countries like China, Ukraine and Iran, and some countries within the Pacific Rim, South America and Africa, a tolerance for fraudulent activity combined with the emergence of more skilled engineers – who may lack for legitimate opportunities – are creating more of these hacker hotspots throughout the globe. “It really comes down to there being a climate that's conducive to the proliferation of cybercrime,” says Casey Ellis, CEO and co-founder of Bugcrowd, a San Francisco-based vulnerability assessment company. “Of course, not everyone with cybersecurity chops in these parts of the world are malicious, but this does somewhat explain the concentration of gifted hackers in those parts of the world.”Kevin Epstein, vice president of advanced security and governance for Proofpoint, a Sunnyvale, Calif.-based provider of SaaS and on-premises solutions, agrees. “Any city or geographic region that hosts smart people with access to computing technology will breed hackers,” he says. “Whether those hackers choose gainful legal employment or a life of crime depends on the same factors that would influence residents to pursue legal or illegal activities in the physical world. As has been proven over centuries, a poor economy and minimal law enforcement presence can push even honest citizens into committing criminal acts.”