Russian cops lack kit to fight cybercrooks, says Brit security buff
Web bods snub state enforcers, turn to private sector instead
CyCon 2013 A shift in perspectives in Russia over the last 18 months means the country has ceased to be a safe haven for cybercrime.
Crackdowns on e-crime have taken place in the past, most notably the successful prosecution of the extortionists who were behind denial-of-service attacks against online bookmakers.
However, the perception remained that crooks in Russia and the Ukraine were free to target victims with Trojan-based scams, fake anti-virus, ransomware and other swindles – providing the victims were non-Russians.
Back in 2007, outfits such as the so-called Russian Business Network were rumoured to be handing kickbacks to corrupt politicians in St Petersburg whilst operating botnets, carrying out wholesale ID theft and running spam networks; all activities targeted against non-Russians.
Later, principal actors from the RBN were linked to DDoS attacks against Estonia and Georgia, and security researchers believe these were carried out on behalf of Russia's FSB – the modern successor to the Soviet KGB spy agency.
As net use in latter-day Russia has increased, cybercrime has become a domestic problem as crooks set their sights on "soft targets" within Russia. The FSB, along with Russia's internal security and policing services, lack the technological expertise, computer forensics and legal expertise to tackle cybercrime – so private sector organisations are having to pick up the slack, according to Keir Giles, a director at the UK's Conflict Studies Research Centre.
"When top-level domain managers gave a presentation about the fight against cybercrime in Russia they didn't mention the police," Giles told El Reg. "This was an oversight, but a telling one nonetheless."
Cyber response teams, ISPs, Russian security consultancies (such as Group-IB) and big Western software firms like Microsoft are the main agents behind bonnet busts and other activity in Russia that would be tied to law enforcement in the West.
Russian computer crime laws are outdated, or "imperfect" as Giles more diplomatically described them. Outdated technology and a lack of expertise in key areas, such as computer forensics, have meant that police agencies have turned to commercial providers.
Giles is due to present a session entitled Divided by a Common Language: Cyber Definitions in Chinese, Russian and English at CyCon in Tallinn, Estonia on Friday. Giles, an expert in Russian security policy and international relations of many years standing, explained that the Russian government's attitude to the internet is markedly different from those in Europe and the US.
He explained that elements of the Russian security services, such as the FSB, want control of content and have a long-standing suspicion of social media, which they view as a forum for whipping up dissent – and, consequently, presents a threat to the state.
These suspicions were reinforced by protestors using social media to communicate and broadcast propaganda during the Arab Spring. But there's a recognition by other sectors of the government that free connections with the outside world, and technologies such as encryption, are needed to allow e-commerce to take off.
Several Western politicians and governments are concerned about sourcing key components of internet infrastructure from the likes of Huawei, citing fears about hidden backdoors and similar concerns. Politicians in Russia have similar concerns about sourcing internet routing kit from firms like Cisco, Giles explained.
Further insights into Russian attitudes towards the internet can be gleaned from the English-language version of the draft convention on International Information Security, put forward by the Russians here. ®
Sponsored: Network DDoS protection