This is a robbery… online
Ehud Tenenbaum, alias “The Analyzer” has been found guilty of credit card fraud and a sophisticated hacking scam in New York. Federal civil servants estimate he stole 10 million dollars from U.S. banks. Tenembaun, 29 years, was also arrested in Canada last year, and still hasn’t been tried for allegedly stealing 1.5 million dollars from Canadian banks. This Israeli hacker hit the news 10 years ago when he was arrested for the first time at the age of 19. He could be sentenced to up to 15 years in prison, which we hope will be a deterrent. Wikipedia has a list of recently convicted cyber-crooks. However, the fight against cyber-crooks doesn’t always end this way…
Malware has become a multi-million dollar business where catching hackers is difficult (the Internet has no barriers, but the law and the police do). In addition, and due to different laws, hackers that are caught are fined with sums that are rarely proportional to the seriousness of their crimes and the illicit benefits they obtain. I remember a cartoon, where a robber points a gun at a checkout operator who answers: “Why do you go to so much trouble when you can do it online?”, and at less risk…
Cyber-crooks take advantage of the fact they are extremely difficult to track. Their business structure is increasingly complex: some hackers create banker Trojans, others distribute them to steal credit card details and others launder the money stolen. Criminal activity spreads across countries, while there is little inter-state collaboration. Security force investigations have several limitations.
Furthermore, the few cases in which criminals are identified, on being tried there is no adequate cyber-crime legislation (crimes are not classified) and in general, the law is not ready to try these kinds of cases. Some criminals are sent to prison, but in many cases they are only fined (which is affordable for cyber-criminals).
As an example, PandaLabs carried out the following “mathematical exercise”: due to the rapid increase in rogueware (fake antivirus software) and to its single objective of obtaining financial benefits, PandaLabs wanted to quantify its economic effects. Based on estimates made by the IT sector, PandaLabs calculated cyber-crooks were earning 34 million dollars a month thanks to rogueware.
With such vast potential profits, there is a need to adapt legislation, advance inter-state cooperation and increase prison sentences. We are increasingly finding that where there is malware, there is a professional criminal operation behind it.
![[Post to Twitter]](http://www.pandainsight.com/en/wp-content/plugins/tweet-this/icons/tt-twitter.png){kind=icon}
