The Real Cybercrime Geography

Editor’s note: Arkady Bukh, Esq., is a New York criminal attorney who focuses on high-profile white collar crime and federal cases. 

When Sony Pictures was the target of a recent cyber attack, computer experts were quick to speculate that North Korea was behind the digital infiltration. Things happen quickly in the digital world, and now many experts are doubting the original idea that North Korea walked around inside Sony servers in reprisal for “The Interview.”

North Korean spin doctors were quick to claim that they did not hack Sony, and some U.S. cybercrime experts say that the North Korean propagandists might be telling the truth. Pointing to the evidence the FBI has presented to incriminate hackers working for the communist government, the U.S. experts say it is just not enough to use to blame Pyongyang.

Sam Glines, CEO of cybersecurity firm Norse, said, “It’s clear to us, based on forensic evidence we’ve collected, that [North Korea] is not accountable for arranging or initiating the attack on Sony.”

Whoever the hackers are, they have been busy. Tons of information gathered from Sony’s servers have been gathered and released. Information including the film’s budget, cast salaries and even the little known $5,000 that Kevin Federline picked up for a cameo appearance.

To some, the idea that North Korea, a country still officially at war with America, doesn’t come as a surprise. North Korea has never been on the radar for computer attacks and denial-of-service attacks. India? Yes. Iran and Iraq? Definitely. Russia? There may be a surprise there.

Symantec ranked 20 countries that generate the most cybercrime. In compiling the list, Symantec looked at six factors: share of malicious computer activity; malicious code rank; spam zombies rank; phishing; bot rank; and attack origin.

Together, the factors paved the way for Symantec to rank the 20 top countries in terms of cybercrime. The top five countries, according to the survey were the U.S., China, Germany, Britain and Brazil. The bottom three on the list? Argentina, Australia and Israel. Russia came in at No. 12 and South Korea at No. 14. North Korea didn’t break into the top 20.

Gather 10 American computer enthusiasts around a coffee table and invariably the talk will turn to hacking, cybercrime and how the Russians are to blame. Not true. While the Russians have been active in cyber-hacking and cybercrime, they have played an outsized role in the cybercriminal world.

For most of the Internet’s existence, if someone wanted to hack a phone, place an order for a cyberattack or buy a program to swipe financial and banking information, all they had to do was look at the former Soviet Union. The sophistication of computer-hacking services sold on Russian language sites give a small look into the Russian underground that has cost Western firms billions in online banking fraud and credit card theft. So, if Russia is so good, why do they just rank at No. 12?

Vitaly Kamluk, a cybersecurity researcher and specialist, says, “If you look at the quantity of cyber attacks, the leaders are China and Latin America, followed by Eastern Europe. In terms of quality, Russia is the leader.” Few are as good at making money from hacking as the Russians.

The word “hacking” can make temperatures rise among hardcore techno-geeks, but not all hacking is intolerable — or even illegal. However, a great portion of it is and the Russian computer community walks the red carpet inside the global hacking community.

Russia is not just the leader in terms of quality-of-cyber-attack services, the Russians have also set the pace for the largest cybercrimes in American history. The largest cybercrime case belongs to Russia in which a banking card fraud scheme that cost American companies more than $300 million.

The chance of being prosecuted is low enough that the risk does little to dissuade educated and skillful programmers who are under-employed. The enticement to turn to hacking for fun and profit is rich. In a nation where the wages come in lower than the West — and life is expensive —the temptation to pivot to crime and great. Additionally, the hackers, usually, are giant steps ahead of the techno-geeks trying to catch them.

The Russian government has so far taken a hands-off approach to dealing with the problem. Experts say that as long as the hackers are targeting foreign victims, Russian authorities will sit back and let the hackers build the digital tools needed to tunnel into computer vulnerabilities. The Russian authorities then hope to use the developed tools for their own cyber espionage.