We all know that a large amount of cybercrime originates in Russia and other eastern European countries that were former USSR states. But why is that? I decided to dig into this and did some research which turned out to be eye-opening. One of the most fascinating sources of reliable information was a book called Putin's Kleptocracy: Who Owns Russia? by Karen Dawisha, professor of Political Science at Miami University.
Why cybercrime is so widespread in eastern Europe is closely connected to, and coincides in time with, the rise of Vladimir Putin to become Russia's autocratic leader. If this all sounds too unreal, I assure you it's the unpleasant truth.
I'm going to give you a very, very short summary of what happened, so you get the big ugly picture. Putin came up in the 1990s in the KGB in Leningrad, and was also stationed in the German town Dresden, where he recruited agents and obtained high-tech secrets from the West. Yup, Putin was a spook stealing Western high tech intellectual property.
He created his personal network in Leningrad (renamed to St. Petersburg), consisting of political allies, his personal security people, and Russian Organized Crime (OC). The group he created around him there is the same group that brought him to power and is around him today.
From the beginning, Putin and his circle wanted to create an authoritarian regime (call it a modern Stalinism really), ruled by a close-knit cabal whose only interest is enriching themselves, not creating a real democracy. The cabal consists of former KGB, mafia, and political and economic forces that joined together. They claim to be devoted to Russia and did this to save her, but they are more devoted to their personal survival and prosperity. The whole enterprise is being bolstered by high oil prices and state control over almost the entire media space.
It started out with the KGB moving all the Communist Party's vast financial reserves offshore, absorbing the Russian mafia and using them for black ops as a price for operating on Russian territory. At the same time, the KGB created hundreds of companies and several banks inside and outside of Russia to launder money. Good examples are the Bank Russia, and energy company Gazprom. Putin's cronies were put in charge of many of these, and many of these people have become billionaires. Their price? Total loyalty and, like the mafia, silence: "Omerta".
While moving all this money abroad, the KGB found themselves using the same channels as the mafia for their illicit gains, and these funds started to get mingled to the point where it was no longer possible to tell which monies belonged to the KGB and which to the mafia. So, when more or less spontaneous privatization was occurring throughout Russia, the KGB and the mafia got a head start.
To make all this happen in an invisible way, a top-down corruption scheme was hatched that truly starts with Putin and then goes all the way down to low-level government employees. You only get into Russian government by paying for it, and then get rewarded via "tribute" payments. The system put in place by Putin causes the Russian economy to be badly hamstrung because there is no technical innovation, except in cybercrime where the innovation is furious.
Russia scores very high in overall education, but the well-trained young graduates only have three choices: go abroad, start working for the corrupt government, or go into cybercrime. The third option pays very, very well and many take it.
The long and short of it is that organized crime in Russia is being allowed to operate, and has moved into cybercrime in a massive way, ransomware like CryptoLocker and CryptoWall being good examples. Now and then the cyber mafias are used by Putin as a resource to harass countries that get in his way. The same is more or less the case in countries like the Ukraine, where cybercrime also has become a measurable percentage of their gross domestic product.
Since they are thousands of miles removed, the major ways these bad guys can penetrate your systems are limited:
- Badly configured servers and workstations
- Known and unknown vulnerabilities in software
- Social engineering
That's why stepping users through effective security awareness training is such an important part of your defense-in-depth.