Cyber Crime in Russia

This interesting article on Security Fix, a Washington Post technology blog, finds that of all the cyber crime coming out of Russia, it is actually Russian victims that top the list for hackers (this apparently contradicts the widespread myth that hackers based in Eastern Europe and Russia focus all their energy on attacking Western sites).  Below, I cite some of the banks and government offices in Russia which are controlled by cyber gangs. 

According to author Brian Krebs, even Gazprom executives have been hacked:  “Just a few minutes of digging through more than 30 gigabytes of keylogged data intercepted by security researchers yielded some interesting results, and more than a few important victims in Russia and Eastern Europe had their corporate Microsoft Outlook e-mail credentials stolen, along with other user names and passwords. Among them was Vladimir Novikov, head of the corporate management department for Gazprom Neft, one of the largest oil-producing companies in Russia. Mr. Novikov did not return e-mails seeking comment.

Team Cymru’s Steve Santorelli said firms in China and Russia are no more insulated from DDoS attacks than their Western counterparts.

“It’s clear from our monitoring that Chinese and Russian victims aremuch more common now than they were a few years ago,” Santorelli said.”There are several possible reasons for that but it’s a definite trendthat many other in the security community have also noticed.”

There also is evidence that cyber crooks have deeply compromisedsome key Russian and Eastern European government agencies andcorporations, as well as top officials at those entities.

Some of the more granular data to support that comes from TrustedSource, which is McAfee‘sglobal intelligence system that assigns reputation to networks based onactivity it sees coming from them. The following data sets show thatTrustedSource recently has observed virus e-mail and spam originatingfrom a variety of government agencies and banking institutions inRussia.

According to McAfee, compromised Russian banks include:

Rusfinance Bank
OGO Bank
Tusarbank
Link Capital Investment Bank
The Maritime Bank
Vladivostok Alfa Bank
Bank Eurotreid
Bank Voronezh
Bashcreditbank
Enisey’s United Bank
Inter-Svayz Bank

McAfee’s data suggests that computer systems in the following Russian government offices also are controlled by cyber gangs:

Ministry of Taxation, Nazran region
Russian State Internet Network
Regional Finance & Economy Institute
Joint Institute for Nuclear Research
Medical Center of Russian Federation President’s Department
Pension Fund of the Russian Federation
Personal Network for the Russian Federation Justice
JSC Chechen Cellular Communication