Feeds

Russian trade body aims to fight cybercrime

Russia no safe haven for spammers and cybercriminals

5 things you didn’t know about cloud backup

Russia is not a safe haven for criminals or spammers, according to a Russian trade association campaigning to tighten up the admitted shortcomings of local cybercrime laws and build international cooperation.

The Russian Association of Electronic Communications was established in 2006 to speed Russia’s integration into the global internet economy. The association has more than 35 members, including leading Russian ISP Mail.Ru, social network outfits, news agencies ITAR-TASS and RIA Novosti, and net security firm Kaspersky Lab. RAEC has set out an ambitious programme to shape Russian internet regulations, provide mediation in copyright and e-commerce disputes, promote internet security and help support the development of legitimate IT businesses in Russia.

Dmitry Zakharov, director of comms at RAEC, told El Reg that the prevalence of cybercrime activities in Russia is hurting the country's image abroad.

"The problems at the moment is that we are not able to offer talented technology people jobs. so they get involved in illegal activity," Zakharov said. "Not many want to be gangsters but Russia is relatively young as a capitalist economy and there are not enough normal and civilised occupations."

Anywhere between 10,000 - 20,000 people are estimated to work in the underground economy in Russia, assisting illicit activities including selling scareware, bank fraud, pushing pharmacy spam and worse.

"The problem is economic," said Zakharov. "We have to offer jobs. Those that remain will be persued if they still want to act like criminals."

A carrot and a stick approach is needed. RAEC is backing the establishment of a Russian Silicon Valley (Technopark) project, near Moscow, that it's hoped will offer thousands of legitimate jobs in technology within five years. Those that stay in the black economy need to be prosecuted, and this requires new legislation.

"We have some laws that describe hacking actions, like taking commercial data, but they are not good enough," Zakharov said. "The law is not clear on definitions."

Copyright protection laws are also needed and codes of conduct for ISPs are also needed, Zakharov said, adding that RAEC is in discussion with internet firms about "lowering" copyright violations while laws in the area undergo development.

An example of internet law changes in Russia comes from recently applied regulations to tighten up domain registrations. From 1 April, copies of passports or legal registration papers for business are needed to register a .ru domain. Previously domains were set up without any checks, a shortcoming that played into the hands of spammers.

"Spamming domains don't live long," Zakharov explained. "The tighter regulations prevent cybercriminals from holding money in anonymous accounts, used to register many domains at once for spamming or other illegal activity. It [the tighter regulation] is an effective measure."

Rogue hosting organisations, most notoriously the Russian Business Network, have set up shop in Russia and reportedly suffered little or no interference for many months, at least according to many Western information security experts. RBN was eventually broken up in late 2007.

Another more recent example is neighbouring Ukraine is Innovative Marketing Ukraine, which built its wealth marketing scareware until it was shut down last year.

A RAEC analyst said that Western perceptions that RBN, for example, is a single cybercrime entity are all wrong. He described it as the most popular so-called bullet-proof hosting firm, used by many disparate organisations for various criminal purposes.

RAEC's line was it was only when complaints in more or less the right form were made to Russian authorities that RBN was shut down. The trade organisation argues that information is not been passed between Russian authorities and those in the West, who often have very different ideas of what's going on. Russian authorities, for example, know much about the identity of prolific spammer in Spamhaus' ROKSO list. The reason he is not in jail is because his crimes took place outside Russia and no victims have come forward to complain to local authorities.

The trade group, which has begun talking about its work to Western media for the first time over recent weeks, wants to help break down international barriers which allow cybercrime and possibly corruption to flourish unchecked.

Zakharov admitted the possibility that individual corrupt officials in St Petersburg might have been bribed by RBN, but argued repeatedly that "top level government people want cybercrime shut down".

"Politicians don't want to see Russia seen as a home for hackers and criminal country because this hurts the economy and Russia's reputation," Zakharov explained. "We want to go international and show Russia is not the safe haven for criminals or spammers.

"This is a governmental-backed project. The government are very aware of the cybercrime problem and trying to do many things to curtail it." ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.