How did the Ukraine become a Hotbed of Criminal Hacking?

Gennadi Kapkanov, 33, a Russian-born Ukrainian hacker

The New York Times came out with a great backgrounder on why Ukraine is such a hotbed for cyber criminals like Gennadi Kapkanov, 33, a Russian-born Ukrainian hacker suspected of leading a gang accused of stealing more than $100 million.

He was arrested Nov. 30 in Poltava, Ukraine, but by the following day Kapkanov had been set free and had immediately disappeared. Whether Kapkanov’s flight was the result of corruption, incompetence or a mix of the two has not been clearly established.

This incident illustrates the hacking mess in Ukraine. Here are the five most important points; at the end is a link to the NYT article with much more detail:

  • Rampant corruption up to the highest government levels
  • Chronic destabilizing efforts by Russia
  • A weak state, not able to enforce their laws
  • After having been ruled by foreigners, Ukraine's national idea is resistance to authority
  • All-powerful oligarchs and virtual absence of state control over media and oligarchic competition

Igor Gavrilenko, a lecturer in Ukrainian history at the Poltava National Technical University, said the release of Mr. Kapkanov, the man accused of being a cybercrime kingpin, was typical of the dysfunction that has plagued Ukraine.

“The whole situation is absurd, but nothing in my country really surprises me anymore,” he said, sitting in a park near the Poltava battle monument. “Ukraine is a country where anything is possible if you have money.”

Investigative reporter Brian Krebs wrote about him: "Kapkanov rented out access to a criminal cloud hosting service known as “Avalanche”, which has been a major source of cybercrime for years. In 2009, when investigators say the fraud network first opened for business, Avalanche was responsible for funneling roughly two-thirds of all phishing attacks aimed at stealing usernames and passwords for bank and e-commerce sites.  By 2011, Avalanche was being heavily used by crooks to deploy banking Trojans, comprised up to 600 servers worldwide and was used to host as many as 800,000 web domains at a time."

This is the kind of infrastructure that allows ongoing phishing and ransomware attacks on Western organizations in Europe and America. Law enforcement does not have the reach to catch these bad guys, and they are provided air cover by the Kremlin. Kapkanov probably had atrocious OpSec, if any, and that is what tripped him up.

We need to deploy defense-in-depth and, as part of that, step end users through awareness training, because these attacks often find their way through all the security filters. Full article at NYT.

I strongly suggest you get a quote for new-school security awareness training for your organization and find out how affordable this is. You simply have got to start training and phishing your users ASAP. If you don't, the bad guys will, because your filters never catch all of it. Get a quote now and you will be pleasantly surprised.

 Let's stay safe out there.

Warm regards,

Stu Sjouwerman,

Founder and CEO, KnowBe4, Inc


