Peek into the world of cybercrime— November 2, 2014
A new BBC series starting this weekend explores the vulnerabilities of the internet and how conmen or terrorists can hold all of us to ransom
The internet has become such a huge part of our lives and happened so fast that we – as individuals and as nations – have left ourselves very vulnerable, says Ben Hammersley, technologist, author and presenter of a new BBC series, Cyber Crimes.
In barely more than a decade, everything from finance to critical infrastructure such as power and sewage to political discourse and romance has shifted online – and with that comes huge risks.
“This is a new technical ground for us and there are technical vulnerabilities that we didn’t envisage and secondly there are social vulnerabilities because by moving everything onto the network we create whole new social constructs which we never had to deal with before,” says Hammersley.
Computer hacking is no longer about wayward teenagers getting up to mischief in their parents’ basements. Cybercrime is a well-organised, incredibly complex commercial enterprise. And every year it gets more sophisticated – which is what the Hammersley details in his six-part documentary.
As you’d expect, the 38-year-old is a hi-tech kind of guy. We connect through LinkedIn and he quickly accepts a request to do the interview by Skype on his mobile – and all this while walking his dog and carrying his baby daughter.
Hacktivists such as Anonymous get plenty of media attention for their flamboyant and often offensive tactics, but these are not the people we should be worried about, says Hammersley. What we really should be concerned about is organised crime and state-on-state warfare.
“It’s going to be a very big thing in the next five to 10 years. In terms of organised crime, the most exciting or interesting comes from eastern Europe and Russian and a little from Nigeria,” says Hammersley.
It’s clear from the tone of his voice – and that word, “exciting” – that Hammersley enjoyed researching this series. An online search turns up a handful of requests, on the part of Hammersley and the production team, for hackers and conmen and those who have been the victims of cybercrime to come forward for the documentary. And one way or another he persuaded many of them to tell their story on air.
The episode that most shocked him most was the one about the massive credit card fraud in February 2013 when US$45 million was stolen from ATMs around the world. He went to New York and Washington and looked at everyone involved in the crime, from the low-level foot soldiers recruited online to the criminal masterminds.
“What was most interesting about that was that you start off with a few hackers in the Ukraine and through the internet they are able to gather about 500 people and enact this criminal conspiracy in about 20 countries and then disappear,” says Hammersley.
The show, called Heist, airs on November 8 and 9 and explains step by step how the criminals were able to turn stolen credit card numbers into cash. What is even more incredible – and the reason for the success of the crime – is that those involved didn’t know each other; they were all recruited online.
The masterminds of that 2013 heist got away scot-free, but some of the foot soldiers were arrested and only have themselves to blame. One went out and bought a Ferrari, paying for it in cash, and others took photos of their wads of money with their mobile phones.
“It’s that massive ad hoc, fluid criminal organisation that comes together, does a job and disappears again. It’s like Oceans Eleven, but 50 times as big,” says Hammersley.
The reason most of the hackers are in eastern Europe and Russia is a simple matter of economics and social circumstances. These countries have good education systems combined with high unemployment and a poor economy.
“If you are a talented programmer living in Siberia or the Ukraine you can either get yourself a US$100-a-month job in a legitimate company or you can make a considerable amount more than that by resorting to criminal enterprise,” he says.
It’s a no-brainer. And it’s the same in Nigeria, where the economy is weak and the job opportunities limited. For conmen who are skilled enough to swindle people out of thousands of dollars, it’s easy to see why they do what they do. The third episode – Scams (December 15 and 16) sees Hammersley go to Lagos to meet the Nigerian scammers.
“I don’t necessarily morally agree with what they do, but I understand why they do it,” says Hammersley.
As for state-on-state cyberwarfare, the big concern is not necessarily countries attacking each other, but small groups – terrorists or radical offshoots – who thanks to the internet are able to punch above their weight.
“We haven’t yet seen a good example of that, but this is all so new that the combination of what is possible and what might be possible have merged together and become this big fantasy of risk,” says Hammersley.
He would like to see more companies stepping forward and disclosing breaches so that everyone in that industry or with that vulnerability is able to protect themselves. He believes if people saw cybercrime as a form of public health, then more would be done to protect systems. Just as children can’t go to school in some counties until they are vaccinated because it’s a public health risk, so those whose systems are part of the critical national infrastructure of a region or nation should be protected so they are not a danger to the rest of the world.
“Without disclosure it would be like people getting Ebola and not telling everybody – and that’s really dangerous,” says Hammersley.
So what should we as individuals be doing to protect ourselves? Again it boils down to basic hygiene practices, what Hammersley calls the “internet equivalent of washing your hands”. We should run a virus checker on our computer, ensure it has a firewall in operation and clear it of malware. Strong passwords and encryption add to security and everyone should be wary about opening suspicious attachments. And the same smart practices apply at a corporate and national level.
Cyber Crimes began airing on BBC World this weekend, starting with an episode on the billion-dollar drugs marketplace run on the darknet by a criminal mastermind who went by the name Dread Pirate Roberts. The success of the series is that Hammersley gets so close to these criminals – he walks their streets, sits in their cafes and, critically, uncovers how they exploit the internet.
“There were a couple of times when during the filming I would sit back and think not only do I understand how this crime was done, but I could do it myself and I’d be thinking I’m really in the wrong business,” says Hammersley jokingly.
Original Link: SCMP