Feeds

Russian trade body aims to fight cybercrime

Russia no safe haven for spammers and cybercriminals

Build a business case: developing custom apps

Russia is not a safe haven for criminals or spammers, according to a Russian trade association campaigning to tighten up the admitted shortcomings of local cybercrime laws and build international cooperation.

The Russian Association of Electronic Communications was established in 2006 to speed Russia’s integration into the global internet economy. The association has more than 35 members, including leading Russian ISP Mail.Ru, social network outfits, news agencies ITAR-TASS and RIA Novosti, and net security firm Kaspersky Lab. RAEC has set out an ambitious programme to shape Russian internet regulations, provide mediation in copyright and e-commerce disputes, promote internet security and help support the development of legitimate IT businesses in Russia.

Dmitry Zakharov, director of comms at RAEC, told El Reg that the prevalence of cybercrime activities in Russia is hurting the country's image abroad.

"The problems at the moment is that we are not able to offer talented technology people jobs. so they get involved in illegal activity," Zakharov said. "Not many want to be gangsters but Russia is relatively young as a capitalist economy and there are not enough normal and civilised occupations."

Anywhere between 10,000 - 20,000 people are estimated to work in the underground economy in Russia, assisting illicit activities including selling scareware, bank fraud, pushing pharmacy spam and worse.

"The problem is economic," said Zakharov. "We have to offer jobs. Those that remain will be persued if they still want to act like criminals."

A carrot and a stick approach is needed. RAEC is backing the establishment of a Russian Silicon Valley (Technopark) project, near Moscow, that it's hoped will offer thousands of legitimate jobs in technology within five years. Those that stay in the black economy need to be prosecuted, and this requires new legislation.

"We have some laws that describe hacking actions, like taking commercial data, but they are not good enough," Zakharov said. "The law is not clear on definitions."

Copyright protection laws are also needed and codes of conduct for ISPs are also needed, Zakharov said, adding that RAEC is in discussion with internet firms about "lowering" copyright violations while laws in the area undergo development.

An example of internet law changes in Russia comes from recently applied regulations to tighten up domain registrations. From 1 April, copies of passports or legal registration papers for business are needed to register a .ru domain. Previously domains were set up without any checks, a shortcoming that played into the hands of spammers.

"Spamming domains don't live long," Zakharov explained. "The tighter regulations prevent cybercriminals from holding money in anonymous accounts, used to register many domains at once for spamming or other illegal activity. It [the tighter regulation] is an effective measure."

Rogue hosting organisations, most notoriously the Russian Business Network, have set up shop in Russia and reportedly suffered little or no interference for many months, at least according to many Western information security experts. RBN was eventually broken up in late 2007.

Another more recent example is neighbouring Ukraine is Innovative Marketing Ukraine, which built its wealth marketing scareware until it was shut down last year.

A RAEC analyst said that Western perceptions that RBN, for example, is a single cybercrime entity are all wrong. He described it as the most popular so-called bullet-proof hosting firm, used by many disparate organisations for various criminal purposes.

RAEC's line was it was only when complaints in more or less the right form were made to Russian authorities that RBN was shut down. The trade organisation argues that information is not been passed between Russian authorities and those in the West, who often have very different ideas of what's going on. Russian authorities, for example, know much about the identity of prolific spammer in Spamhaus' ROKSO list. The reason he is not in jail is because his crimes took place outside Russia and no victims have come forward to complain to local authorities.

The trade group, which has begun talking about its work to Western media for the first time over recent weeks, wants to help break down international barriers which allow cybercrime and possibly corruption to flourish unchecked.

Zakharov admitted the possibility that individual corrupt officials in St Petersburg might have been bribed by RBN, but argued repeatedly that "top level government people want cybercrime shut down".

"Politicians don't want to see Russia seen as a home for hackers and criminal country because this hurts the economy and Russia's reputation," Zakharov explained. "We want to go international and show Russia is not the safe haven for criminals or spammers.

"This is a governmental-backed project. The government are very aware of the cybercrime problem and trying to do many things to curtail it." ®

The essential guide to IT transformation

More from The Register

next story
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.