[ISN] Criminal Information On The Wires

From: mea culpa (jerichot_private)
Date: Tue Apr 28 1998 - 22:51:56 PDT


    http://www.techweb.com/se/directlink.cgi?WIR1997051912
    
    Criminal Information On The Wires
    By Douglas Hayward
    
    A Russian criminal gang breaks into a bank undetected after immobilizing
    the alarm system with a blast of electromagnetic energy. Hundreds of miles
    away in Holland, a criminal mastermind keeps one step ahead of the police
    by bugging and deciphering even their most secret communications. These
    two events, though far apart, are part of the same frightening phenomenon:
    the growing use by criminals of sophisticated information warfare (IW) 
    techniques and technologies borrowed from the military and security
    services. 
    
    Information warfare is the art of monitoring or attacking your enemy's
    communications and information networks. IW techniques range from overt
    physical attacks aimed at damaging or destroying communications and
    computer networks to covert "virtual" attacks -- such as tapping
    communications or hacking computer files -- which rely for their effect on
    being undetected. Information warfare also includes elements of propaganda
    and psychological operations, such as jamming enemy broadcasts and
    replacing the content with your messages. 
    
    Show Me The Money = Show Me The Crime
    
    IW used to be a technique used by generals and spies, but now it's
    something happening on the streets in any town. 
    
    "A great part of IW now takes place in the field of computer-related
    crime," says Captain Freddy Gevaert of the Belgian national police, the
    Gendarmerie. "We have gone beyond the world of tangible goods and stepped
    into a virtual world where data is knowledge, knowledge is power, and
    power is money. And where you find money, you find criminal
    organizations." 
    
    Most business organizations have become totally dependent on their IS and
    communications networks. If you can raid the computer files of a bank with
    impunity, you can steal money electronically, which happened to the
    Citicorp bank in 1995, when a Russian criminal hacker group illegally
    transferred an estimated $12 million. Russian criminal gangs have also
    used IW hardware devices -- such as electromagnetic pulse guns that knock
    out communications systems using intense energy bursts -- to immobilize
    banks' alarm systems. 
    
    A recent criminal investigation in Holland showed how criminal gangs are
    using IW techniques not just to attack commercial targets, but also to
    harass and outmaneuver police and judicial agencies. 
    
    Too Advanced To Follow
    
    "In the early 1990s, we found ourselves dealing with an opponent who was
    technologically ahead of us and who was therefore very difficult to
    follow," says Piet Kruijer, a chief inspector in the Amsterdam police. "We
    discovered that information warfare can be used against the police force
    and civil authorities as well as against industry and military
    organizations." 
    
    Kruijer's opponent was an Amsterdam gangland boss, Charles Zwolsman, who
    created a sophisticated counter-intelligence organization, backed by
    impressive hardware and software technology, to destabilize the police
    investigation into his operations. 
    
    Zwolsman's private intelligence agency, dubbed the "Service Department" by
    Kruijer, operated as five separate groups, or "cells." As with military or
    terrorist groups, each cell worked independently and only communicated
    with others when necessary. A group calling itself the
    "counter-observation team" (COT) shadowed police personnel and passed on
    intelligence -- including home addresses and license plates of police
    personnel -- to Zwolsman. A second group of wiretapping experts -- dubbed
    the "scanner freaks" -- developed and installed wiretapping equipment,
    with the help of people within the Dutch telephone company and local
    universities. 
    
    Two separate groups of hackers -- one politically motivated and another
    more criminally oriented -- monitored police IS and communication systems. 
    
    "These groups succeeded in cracking the analog encryption used by many
    Dutch government services," Kruijer says. "They could decode our
    conversations within three days of interception." 
    
    A fifth group, known as the "technical criminals," developed the IS and
    communications infrastructure supporting the others. This group also
    recorded and analyzed all pager messages sent by the Dutch police, 24
    hours a day, using bespoke hardware and software. 
    
    Psychological Warfare Against Police
    
    Using the inside information acquired from monitoring police
    communications, Zwolsman kept one step ahead of the Amsterdam police for
    months on end. But he also waged a destabilizing psychological war against
    Kruijer's people, using information gathered by the COT and the
    wiretapping units. 
    
    "We discovered that our communications were being tapped, computers and
    files were disappearing, attempted burglaries were made on houses of
    investigating officers, and our people were subjected to threats and
    blackmail attempts," Kruijer says. Transcripts of conversations
    embarrassing to the police and the judiciary were also leaked to
    journalists, he adds. 
    
    Zwolsman was only defeated after Kruijer identified and pursued key
    members of the service department during an 11-month period, ending with a
    wave of house searches and arrests in September 1995. Zwolsman and several
    associates were convicted, and the organization was broken -- at least
    temporarily. 
    
    The experience taught Kruijer two lessons: that criminals are building
    technological infrastructures potentially more powerful than those used by
    the police; and that the authorities must change the way they operate. 
    
    "Since the Zwolsman case, we've managed to raise the awareness of this
    sort of problem within our organization, but we are always going to have
    people within the police who underestimate the problem," Kruijer told a
    recent conference organized by the National Computer Security Association. 
    
    Keeping Abreast Of Criminal Activities
    
    One way to protect police against IW attacks is to bring IS expertise into
    the investigating team itself. This is a move considered radical by some
    police traditionalists, because it involves IS personnel crossing the
    boundary between "operational" and "administrative" duties. But Kruijer
    says it's necessary if the police are going to keep abreast of
    technology-literate criminals. 
    
    "It is important that technical experts become part of the investigating
    team, and that they can develop techniques to help the investigation,"
    Kruijer says. "We have got to work on our techniques and make them more
    creative, and we've got to change the mentality of our organization." 
    
    Is the Zwolsman case an isolated incident? Kruijer and his colleagues
    believe not, and they're probably right. The tools and techniques used by
    Zwolsman's service department are universally available. Even some of the
    detailed raw information needed by criminals is up on the Net. For
    example, political groups sympathetic to the Irish Republican Army have
    posted extremely detailed information about the Northern Irish police
    force on easily accessible Web pages. 
    
    The Dutch police are now moving to a digital voice network, which is
    harder for criminals to crack. But the challenge for them and for other
    forces will be to keep one step ahead of criminals who are increasingly
    technologically sophisticated. 
    
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Dimensional Communications (www.dim.com)
    


