Monday, December 15, 2014

Threat Actor Profile: Eastern European Coders, Crackers, and Hackers






image source: mashable.com


Hackers from Eastern European countries are credited as being the best in their field. They are very good at creating malware, cracking software (a term for enabling proprietary software use without purchasing a license), and hacking into individual and organizational systems to steal financial data and other personal information. Some might say that Chinese hackers operate with the goal of stealing governmental and trade secrets, while their Eastern European counterparts are after the contents of our wallets.

Technology

Typical personal computer systems in Eastern European countries are old, slow, and outdated. Either that, or they are built from do-it-yourself kits made by local manufacturers. To get anything to run correctly on these systems is a virtual miracle. Is it any surprise then, that programmers in Russia, Estonia, and other Eastern European countries are some of the best in the world? They are trained at an early age to write code that is lightweight, efficient, and effective. Key malware that has been used recently in high profile security incidents, including the
Trojan Horse Bug, Turla, SNAKE, BlackEnergy, and BlackPOS all originate from Eastern Europe. It should also be noted that these examples made headlines in the last six months and include only a very small portion of the new code that surfaces daily from the Eastern European cyber underground. Necessity has driven a new generation of programmers in the region to create extremely deadly and targeted code that leaves a very small footprint and goes undetected by intrusion detection mechanisms and antivirus/antispyware sofware.

Education and Labor Market

One of the most influential and impactful changes to Eastern European countries since the fall of the Soviet Union has been advancements in education, more specifically the maths and sciences. According to the
PISA, Estonia’s educational system has moved from seventh in the EU (thirteenth overall) to second in the EU (sixth overall), in less than ten years. We should all congratulate their accomplishments, as well as that of other Eastern European countries that have seen similar success. While education has flourished however, employment rates in these nations have largely plateaued or even declined. Many young scholars are forced to turn their superior minds to work in the cyber underground, writing malware, stealing payment information, or otherwise contributing to the overwhelmingly dangerous capabilities of this hacker subculture.

Culture of Apathy

Recent historical struggles in Eastern European countries have created a hotbed for criminality. Young adults turn to organized crime and the criminal underworld for survival, and there is little that the respective governments can do to curb the problem. Instead, these governments (notably in Russia) turn to internal policy. As long as the attacks are not conducted against local organizations, they are virtually ignored. Afterall, how can a government rightfully prosecute criminality that is seemingly victimless and provides a means for its citizens to feed themselves without depending on social programs?

For further reading, please check out
this document by VeriSign and this thesis by Justin Allen Wilmes. As always, please let me know your thoughts in the "comments" section below. I always take pride in addressing comments and answering questions. Afterall, the best information protection efforts and advancement of the cybersecurity field is through collaboration between like-minded people. Thank you for visiting!
 


Steve P. Higdon has been working in the information security field for over ten years, providing support and consultancy to several public and private sector organizations. Steve holds several industry certifications and can be reached via email at infosec@stephenhigdon.com and on Twitter at @SteveHigdon.