Russian Hackers, Face to Face
- by nlqip
These hackers lived where the bending and breaking of the rules was just a part of the culture. Both men were astonished at how Americans obeyed traffic rules and smoking restrictions, citing how in their country such rules are ignored. They wanted to go into business for themselves but found it difficult to do so. During the interview, Gorshkov said of his home town of Chelyabinsk, “Here, it is difficult for a person to live on honest wages.” They spent a portion of our interview talking to us about their startup business, Tech.Net.Ru. They even shared a photo of their office and equipment.
At the time, the first dot-com boom was exploding in Silicon Valley and Seattle. They wanted to be part of it, not just because of the money, but also to apply their skills and build something innovative. The underlying purpose for the hacking and extortion scheme was to raise funds until they could get their e-commerce platform off the ground. They talked about themselves as businessmen and entrepreneurs.
When asked about law enforcement response, Gorshkov joked that, “The FBI cannot get us in Russia,” which is why they only committed their crimes while in Russia.
They did express concern about being caught and “recruited” while in Russia. At first, we thought they might be referring to being recruited by traditional organized crime gangs. However, they were referring to “agencies” in Russia who would use their talents for their own ends. These agencies include the aforementioned FSB, which was involved in the recent Yahoo hack, and the Russian military intelligence (GRU). These agencies would not bother with due process or evidence when they found a hacker; rather, “they would take you” and then “you would work for them.” Ivanov and Gorshkov were talking about forced recruitment and the end of their freedom. This is a telling hint about why Russian cyber-criminals are not extradited and what becomes of them if caught. They end up working for agencies on state-sponsored hacking missions.
Conclusion
After the interviews, Ivanov and Gorshkov were taken offsite, arrested, and eventually convicted of their crimes.10 There were more twists and turns in Operation Flyhook. If you’re interested in more details, I recommend checking out The Lure: The True Story of How the Department of Justice Brought Down Two of The World’s Most Dangerous Cyber Criminals11 by Steve Schroeder, one of the prosecutors in the case. You’ll find Ivanov, Gorshkov, and me right there in Chapter Four.
Looking at Russian hackers in a threat profile, you can see there are really two primary branches: criminals and state hackers, with the criminals being press-ganged into doing work for Russian agencies. Things really haven’t changed; Dmitry Dokuchaev, mentioned earlier in connection with the Yahoo hack, was reportedly recruited into the FSB to avoid prosecution for fraud.12 Russian cybercriminals act as you would expect: earning a good living while trying to stay below the radar of Russian agencies and foreign law enforcement. They are often extremely technologically adept and often unreachable by law enforcement. Russian hackers are also very skilled at social engineering, usually employing well-designed phishing schemes and social media decoys. They are true hackers in the original sense of the word: they will chip away at a system for as long as it takes to find a way in. And often they will succeed.