[ISN] Ex-Soviet States a Hotbed for World-Class Hacking

From: InfoSec News (isnat_private)
Date: Mon Apr 16 2001 - 01:49:29 PDT

  • Next message: William Knowles: "[ISN] "Top secret" laptop reported missing"

    By Colin McMahon
    Tribune foreign correspondent
    April 15, 2001
    TALLINN, Estonia -- Tonu Samuel says he is part of the solution to the
    growing threat from computer hackers and cybercriminals.
    The Estonian Internet company whose system Samuel hacked into says he
    is part of the problem.
    Their dispute is a small one in a small nation, but it captures the
    challenges facing companies and governments in the Internet age.
    Information that should be private and protected--telephone records,
    Internet passwords, credit card numbers and PINs, and medical
    histories--is proving vulnerable to a growing legion of hackers in
    Estonia and elsewhere in the former Soviet Union.
    Equal-opportunity hacking
    The hackers are not targeting only their countries' computer
    systems. For fun or profit, they are going after commercial and
    governmental targets in the West as well.
    Tonu Samuel knows how easy it can be.
    Samuel says he routinely tests--and penetrates--the security systems
    of some of his favorite targets, with Eesti Telefon's communication
    portal apparently No. 1.
    "How is it possible that I am always cracking their system?" Samuel
    said during a long show-and-tell computer session in Tallinn. "I'm
    just one guy. They are just too slow to secure their systems. Any
    schoolboy could get in."
    Samuel, 28, designs computer security systems for clients in the
    Baltic states, Europe and North America. He also hacks.
    Last September, Samuel allegedly broke into Eesti Telefon's portal,
    Hot.ee, and extracted about 60,000 user names. He told a local
    reporter how to do it, resulting in a newspaper article that left
    Eesti Telefon scrambling to calm the public's worries about online
    He says he could have told the reporter how to find the passwords to
    go with the user names. He did not.
    Then Samuel went on a live television show and hacked into the Hot.ee
    Trouble with the law
    Soon police raided Samuel's home in Tallinn and confiscated his
    computer equipment. He was charged with illegal use of a computer
    network. If convicted, he could be sentenced to 2 years in prison.
    Samuel can explain how he did all this, but he struggles to articulate
    why he did it.
    He seems offended by any security system he considers shoddy.
    "I think what I am doing is right," Samuel said. "I am not doing it
    for money. I have never sold anything. It is just that there are some
    basic principles people should follow and they don't. And no one is
    doing anything to stop it."
    Actually, companies and governments around the world are spending
    billions to stop cybercrime. Increasingly they are concerned about
    hackers from Samuel's part of the world: Russia, Ukraine and other
    former Soviet republics.
    Warning from the FBI
    FBI officials this year specifically pointed to those countries in
    warning American businesses about fraud and extortion linked to credit
    card numbers and other consumer data.
    "The Cold War is over," said Ronald Dick, a veteran FBI agent named
    last month to direct the agency's cybercrime unit. "However, there are
    still certain things that linger on, and this is one of them."
    Russian hackers have been blamed for several high-profile
    cyber-attacks in recent years, their Western targets ranging from
    CDUniverse.com to Microsoft to NATO. At the same time, Russian police
    say computer-related crimes such as stealing credit card numbers or
    pirating software are rising dramatically at home as well.
    Russian hackers even broke into the giant natural gas monopoly
    Gazprom, temporarily seizing control of the system that manages
    pipeline gas flows.
    `They have fun'
    "There are a lot of bad hackers, mostly in Moscow," said Yevgeny, who
    declined to give his last name. He calls himself a "good" hacker and
    hires himself out to test software or the soundness of security
    systems. "They've got nothing to do, so they have fun.
    "The best ones are all in Ukraine," Yevgeny said. "They are in high
    demand from banks and other organizations, and sometimes they are
    taken by bandit groups against their will. There are no more clever or
    talented people anywhere else, not in America, not in Canada."
    In some ways, the Soviet government was the world's first hacker,
    copying Western computer technology instead of developing its own,
    stripping down Western software to adapt it to Soviet technology.
    Many Russians have an innate curiosity about how things work and an
    ability to adapt on the fly.
    "When a light fixture blows, what do people do in Finland or
    Europe?" asked Hillar Aarelaid, who directs Estonia's data protection
    agency. "They call someone to come and fix it. In Russia, the guy
    figures out how to fix it himself.
    "That is your answer as to why Russians are the best hackers."
    Samuel emphasized that point. As good as he might be, he said, many
    were better and more committed. What he could do, they could do, and
    Samuel called up a database on his ever-present laptop and within
    minutes displayed a dossier on a random fellow resident of
    Tallinn. Besides the person's basics, Samuel can find what cars she
    owns, her driving record, her unlisted phone number, and the addresses
    of friends and relatives.
    Another database listed the woman's telephone history; outgoing and
    incoming calls updated practically to the minute.
    "You know, if I am driving in my car and someone beeps at me, I can
    just find their license plate, find their phone number and call them
    at that moment to say, `Hey, don't beep at me anymore,'" Samuel
    said. "Or to do something else."
    Public data for sale
    It is the "something else" that worries Samuel, he
    said. Law-enforcement and government computers have been hacked to
    such an extent in Estonia, he said, that sensitive information on
    public and private individuals is available to any criminal willing to
    pay the price.
    "If all these databases are collated into one, it could be a very
    powerful tool," Samuel said. "If the Mafia or some criminal group
    wants this information, they can just pay someone to go get it."
    Yet criminal is exactly what Samuel is accused of being.
    Whether prank, attempted theft or publicity stunt, Samuel's invasion
    last September of Hot.ee caused considerable damage, Eesti Telefon
    "The system's configuration was changed, disabling the security
    solutions and enabling data to be copied," said Ain Parmas, an Eesti
    Telefon spokesman.
    Parmas rejected Samuel's claim that he was just pointing out--albeit
    in a public and embarrassing fashion--the flaws in the Hot.ee system.
    "Certainly we had to develop security management in any case," Parmas
    said. "But the illegally done changes to the system configuration
    caused a lot of additional work."
    Parmas also said that Hot.ee was improving its security systems and
    working to meet standards set by the Estonian government for data
    Facing uncertain fate
    Samuel mixes bouts of regret with outbursts of defiance.
    He said he has lost contracts, partly because the police still have
    his computer and disks. Some friends and colleagues in the information
    technology world think he has gone too far. ("The IT brotherhood is
    divided on this," Aarelaid said.)
    Samuel is willing to bargain with prosecutors and with Eesti Telefon,
    he said, but the other side seems unwilling to talk. No trial date has
    been set.
    "Of course it is cool to be in the newspapers and whatever, but I want
    this all to just go away," he said. "I'm pretty limited in what I can
    Yet Samuel acknowledged that just recently he was snooping around in
    the Hot.ee system, trying to see whether some security holes had been
    ISN is hosted by SecurityFocus.com
    To unsubscribe email LISTSERVat_private with a message body of

    This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 02:33:52 PDT