Organized cybercrime a pervasive problem

Cyber criminals are launching increasingly sophisticated computer attacks that use multiple languages and exploit popular applications, says the California-based CEO of anti-virus software developer McAfee Inc.

"This is a pretty pervasive problem around the world right now," Dave DeWalt told reporters during a recent visit to Toronto, where he addressed the Economic Club of Toronto. "One of the biggest concerns of NATO members are these organized attacks."

Just over a year ago, waves of co-ordinated computer attacks rocked Estonia and shut down thousands of the Baltic country's websites for days. They started with newspapers and television stations, then turned to schools and quickly spread to the nation's largest bank.

The attacks started almost immediately after city workers removed a bronze statue in the Estonian capital of Tallinn on April 26, leading many observers to conclude the two events were linked.

Officials had originally erected the monument to commemorate Soviet soldiers who died defeating the Nazis in the Second World War.

Estonians, however, saw it as a painful reminder of more than 50 years of Soviet occupation. Riots and demonstrations immediately broke out in both countries.

"Nobody could ever prove it was the Russians but the timing definitely was suspicious," said DeWalt. "I remember it shut down utilities, telcos ... paralysed practically the entire country."

Following the attacks, NATO spokesman Robert Pszcel told The New York Times that countries all over the world were watching.

"Events of this nature make a lot of people sit up," he said. "Today Estonia, tomorrow it could be somebody else."

Ronald Gruia, a senior telecom analyst with consulting firm Frost & Sullivan in Toronto, said such an attack could also happen here in Canada.

"There is definitely the potential," he said in an interview. "I think we certainly need to be careful. We are potentially just as much a target as Estonia."

After the Estonian computer incident, a Russian man was arrested by authorities and insisted he had been operating on his own. But some observers still believe the Kremlin may have been involved in the attacks, allegations denied by Moscow.

There are currently eight million cyber attacks each day on the Pentagon in Washington alone, said DeWalt.

The threat is also present in Canada.

Last February, Quebec Provincial Police raided homes all over the province and arrested 17 suspects in what it called the largest and most damaging computer-hacking network ever uncovered in Canada. Many of the victims were as far away as Mexico, Poland and Brazil.

Police said the suspects used sophisticated remote-control access to gain control of almost a million computers in 100 countries around the world. Once that occurred, they could carry out identity theft, data theft and denial-of-service attacks.

The probe began in 2006 after complaints started surfacing from government agencies, businesses and private individuals.

Police carefully traced IP addresses that had been rerouted through dozens of computers all over the world.

A spokesman for the RCMP's Integrated Technological Crime Unit (ITCU) said computer crimes are on the increase.

"With more people using computers and the internet you're definitely going to get more computer crime," Sgt. Ron Rimnyac said in an interview.

One of ITCU's most high-profile cases has been the 2006 arrests of 18 alleged terrorists who were planning assaults on southern Ontario locations. Bomb-making supplies, guns and ammunition were seized by police.

"There were a number of computers that were also seized as a result of that investigation and we helped go through them," Rimnyac said.

Rimnyac added ITCU members often work with smaller police forces who lack the technical expertise to properly investigate some computer crimes.

DeWalt said McAfee has set up its own special AVERT teams (anti-virus emergency response teams) to look for the latest computer security threats and find ways to stop them.

As of February, they had identified 371,002 unique threats, according to a company press release.

It added the amount of malware, or malicious software, jumped 246 per cent from 2006 to 2007, with McAfee employees discovering another 527 each day.

Around the World

* Japan - A popular peer-to-peer application in Japan called Winny is prone to malware and could cause serious data leaks. In the corporate setting, the Winny malware can expose data, steal passwords and delete files.

* Russia -Some of the most notorious attack toolkits are produced in Russia and sold in underground markets. These grey-market malware tools, combined with a lack of legislation against computer crime, lead experts to believe that the Russian Mafia will soon - if it hasn't already - latch onto cybercrime.

* Brazil -With a majority of Brazilians banking online, cybercrooks use a sophisticated social engineering scam to trick people into giving out personal information. In 2005 alone, the Brazilian Banks Association estimated losses at about US$165 million due to virtual fraud. Malware creators rapidly adapt password-stealing Trojans to the changes banks make to their websites.

Source: McAfee

The Russian Mafia is believed to be behind much of the crime wave, but Canada is not exempt