The 32-year-old son of a Russian parliamentarian and an ally to Vladimir Putin has been sentenced to 27 years in prison by the U.S. government for causing damages worth $169 million. Roman Selenev, known as “Track2” in the cybercrime underworld was described as a “pioneer” of credit card data theft. His modus operandi was hacking point-of-sale systems to steal credit card data. Not only did he drive several U.S. firms to bankruptcy, but also established an entire market for stolen credit card information.
Hackers are now going to prison for 20-30 year stretches. The number of hackers being successfully prosecuted and receiving prison sentences has grown in recent years. In the murky mix of state-sponsored hacktivism and criminality, authorities in Russia and China have assisted the US in capturing hackers. The criminal hacker who stole a vast amount of customer data from JPMorgan Chase was arrested with the assistance of Russian intelligence in December. He had been hiding out in Moscow. Chinese authorities arrested hackers in connection with records theft of staggering 22 million U.S. federal employees. This is just a small sample of successful captures.
The growing issue of cybercrime
The reality is that cybercrime does pay and is difficult to defend against. Law enforcement resources are overstretched and hackers are getting away with it. Even though more criminals are being apprehended, that number is most likely being dwarfed by a greatly increasing cybercrime wave. It is reasonable to assume that the ratio of incidents to arrests is growing larger by the year.
The statistics on cybercrime are frightening. Approximately half of all reported security breaches are caused by hostiles, with the remainder due to system or human error. The cost of a data security breach is estimated at $4 million on average. Actors in the cybercrime underworld can be categorized into four distinct groupings: pranksters, super-criminals, hacktivists and nation-state attackers.
Detection and prosecution of the criminal elements are restricted by global reach of the Internet. The law enforcement agencies of nation states already have a full case load of local crime issues without the added difficulty of seeking cross-border cooperation. Also, the skills required to pursue hackers are still in relative short supply within law enforcement agencies.
Stay clean, stay safe
Young people, especially those who possess the necessary technical skills, can be easily seduced by the seemingly easy pickings. Criminal activities can be launched from their own bedroom these days – what the FBI calls “criminal computer intrusion”. Phishing, fraud, ransomware are all on the rise. Often the perpetrators are 18 and 19 year olds.
For regular law abiding citizens or “netizens”, it pays to utilize a heightened sense of awareness online. Scams and get rich quick schemes abound. The old adage of “if it looks too good to be true, then it probably is” certainly holds true more often now than it ever did before.
Simple precautions include never clicking on email attachments from a source you do not know or completely trust, and not using the same password for every online account (an extremely common security weakness, apparently).
The cavalry will not come over the hill
For companies and individuals, it is important to realize that every device with the capability to access the Internet, can also be accessed from the Internet. This means that hackers can infiltrate equipment, systems and confidential information. The authorities can only do so much and it is not their responsibility to come to the rescue of every person or company that has been attacked and suffered a data security breach.