Spies, thieves and yakuza on the cyber network
FEATURE
Cyber espionage, hackers and mafias on the Net
Cybercrime now moves more than 240,000 million euros a year. And it shows the vulnerability of all of us, ever more dependent on electronic devices.
Moreover, a colossal threat looms over the West: espionage on the technology of large companies from Asian countries, above all China. In this report from June 2012 we travel from Barcelona to Moscow and Bangkok through the darkest alleys of the Net.
Heriberto Araújo / Juan Pablo Cardenal 19 FEB 2013 - 14:42 CET
The last of the spring snow falling on Moscow forces us to jump over puddles before reaching the shelter of one of those buildings bordering on bad taste that are so common in the Russian capital. Inside, Kaspersky Lab, one of the world's leaders in security solutions, has set up its base of operations across a handful of floors whose restricted access is watched by burly guards: generous musculature, stern looks and military haircuts. The tight security confirms that a war is being fought inside. A silent but merciless crusade against Internet crime, the greatest enemy of the technological revolution of the 21st century.
A thousand young people, mostly engineers, work in a coordinated and disciplined way, eyes fixed on their terminals. They seem almost abducted by their two black-background screens and the green characters that make up the code of the computer viruses they decrypt and gut to the bone in order to fight them. Every day 50,000 worms arrive from all over the world. "No pictures here," says one of the people guiding us through the bowels of the company.
No one would guess that these experts are the last line of defense for millions of people around the world who, through our own naivety, hand an extremely lucrative business on a silver platter to organized criminal gangs that use the Internet as camouflage to strike gold. Cybercrime is now a seam of such caliber that Symantec, the American giant of the sector, said last year that it could be moving around 388,000 million (more than 241,000 million euros) globally, all items included. More even than the illegal drug trade.
Interpol, which will centralize its fight against cybercrime at a site due to open in Singapore in 2014, goes even further. Its president, Khoo Boon Hui, said last month in Tel Aviv that cybercrime "in Europe has a cost of 750,000 million euros a year." While putting a reliable figure on the phenomenon is not easy, very few doubt that we have built our future on a technology that we are not really able to protect. Cloud computing, the global expansion of social networks like Facebook, Twitter and Renren and, in general, the growing and unstoppable technological connectivity that dominates our lives exacerbate a problem that threatens to spin out of control. The theft of credit card data or identities, bank fraud, mass spam and blackmail are just some of the examples showing that the Internet is fertile ground for crime. Criminals act with the impunity that anonymity allows. They have no need to hide in Latin American rainforests or Middle Eastern deserts. They are everywhere, and we are all victims.
The future of business is in mobile. Yet we know that phones can be a great source of fraud
Eugene Kaspersky, 47, founder of the company that bears his name, checks his email to prove the point. "This morning I received 60 emails and 400 spam (unwanted) messages," explains the mathematical engineer, whose personal fortune amounts to $800 million, according to Forbes magazine. A large screen with graphics next to his office records the number of spam messages received by the company's servers: 10 million every day or, what amounts to the same thing, 99% of total traffic, most of it coming from India and Latin America. "This sector is very interesting because it struggles against evil, some of which is very professional and sophisticated. It's like a sport," adds the Russian czar of the Internet, laughing.
But it is a dirty game which, with the exception of cases made world famous such as Anonymous, is perpetrated by genuine criminal organizations. These are no idealists holed up in a garage pursuing the intellectual challenge of hacking a computer network. On the contrary, this is pure underworld, with connections ranging from drug trafficking to illegal arms sales, which has now found in the Net a new way to profit. According to calculations drawn from Kaspersky's database, the world is thought to have between 1,500 and 3,000 mafias developing malware, or viruses, to infect computers and steal everything that can be converted into money. And for those who are unable to program, all that cyber ammunition is for sale on the black market.
In the nineties, the mafias of the "Russian school" were the pioneers. The business flourished thanks to the illegal use of bulletproof hosting, i.e. domains located in countries such as Russia, Ukraine, China and Nigeria, where they were virtually impossible to trace because of the limited legal and police cooperation of those nations. But today they no longer monopolize the business. A new wave of cybercriminals from the favelas of Brazil and elsewhere in Latin America is after its slice of the cake. They are young people with computer skills and a cyber arsenal at their disposal on the Net, accessed by invitation through hundreds of forums.
"The black market is everything. You can rent thousands of previously infected computers to put your malware on and have credit cards start reaching you. In fact, you can buy anything. You pay an amount and you forget about everything. What you catch is for you," said Barcelona-born Vicente Diaz, Kaspersky analyst and one of the leading Spanish experts in computer security. The potential benefit is a matter of chance. According to Panda Security, 35.5% of computers worldwide are infected with malware. In Spain, almost four out of ten computers are said to be infected, making it the seventh country in the world ranking. The juicy booty that lies behind such a plague is information, sold and resold on the Internet for different purposes and at different prices.
In 2009, hackers gained access to the heart of even the most powerful Internet company and stole Google's DNA
The perfect move is the large-scale infection of machines. They install trojans, worms and viruses on other people's computers to take control of them and steal everything from bank accounts and passwords to Facebook data, photos or email addresses. Imagine a thief breaking into your house and stealing everything in it, from the family jewels to the most intimate photos. Add to that the crook's ability to exploit this information through data matching so meticulous that it lets him become you, impersonate you, in the digital world. And you do not notice in the slightest what is happening.
Although identity theft is currently the most lucrative activity, people in the industry say that the future of the business certainly lies in mobile phones. "Unfortunately, we are very reactionary. We are careful with computers, but we do not think that phones can be a source of fraud," says Diaz. The vulnerability of mobile phones was amply demonstrated in public by the hacking of the nude photos that the actress Scarlett Johansson kept on her iPhone. According to an estimate by the U.S. Census Bureau and Forrester Research cited in a report by the technology company Cisco, in 2003 the world had 500 electronic devices, one for every 10 people. In 2010, that number skyrocketed to 12,500 million, or almost 2 per person on the planet. According to these estimates, that figure will double by 2015 and reach 50,000 million handsets in 2050.
Each of these Internet-connected devices is an opportunity, because an attack is a relatively simple act. The key is to exploit a vulnerability, which is nothing other than gaining access to computers through a hole in the software. And there always are holes, because there are no perfect programs. "It's like a house made of a thousand doors where you forget to close one. The bad guys, when they come to the house, know they need time, but sooner or later they find the open one," Eugene Kaspersky had said in Moscow. The black market offers an endless catalogue of open holes in programs from Microsoft, Apple, SAP or Acrobat, used to sabotage and penetrate systems. These vulnerabilities lose commercial value as companies patch the bugs that have been discovered. The most valuable, and most expensive, are the so-called zero-day vulnerabilities, i.e. those that are not publicly known.
The law of supply and demand then does its relentless work: for an unknown vulnerability in Adobe Reader the market pays up to $30,000; twice that for one in Android, used in Samsung devices; up to $120,000 for one in Windows; and more than $250,000 for one in iOS, Apple's operating system. That fact alone keeps an army of computer experts hoping to combine their knowledge and expertise with a stroke of luck to crack one of the most widely used pieces of software in the world. For many it is even a way of life. Such is the case of a hacker who asked to be identified by the nickname The grugq and whom we interviewed in Bangkok. He is "about 30 years old", was born in South Africa and raised in the U.S. and England. He defines himself as a broker. And for this work he earns, he says, hundreds of thousands of dollars a year. But do not picture a smartly dressed broker. He turns up for the appointment at a mediocre Chinese restaurant in the Thai capital an hour late, wearing swimming trunks and carrying a large backpack. No one would guess that this redhead is the key link between hackers and buyers, primarily governments and private military and intelligence firms, in the acquisition of digital weapons. Nor that he takes commissions of between 20% and 30% on transactions that can exceed half a million dollars. "If you spend a Sunday afternoon working at the computer, a thousand dollars is not bad. But if you have to spend three weeks developing a vulnerability, you expect more than that, because it is not worth the investment," he explains, to justify the figures handled in a field where the French company Vupen and others such as iDefense or Endgame also operate.
Cybersecurity generates activity worth 50,000 million dollars a year and is growing at an annual rate of 10%
A little more relaxed after an hour of interview in which he comes across as quite tense ("this is a dangerous business," he offers by way of justification), he says that he "does not broker transactions with China or Middle Eastern countries" for a number of reasons. "The Chinese, on the one hand, pay little. But in addition, the United States considers this act as an aid to the enemy [referring to China], and that makes you an enemy of the United States. At this point, the risk far exceeds any financial reward," he argues. However, he admits that "when the product has been sold, you lose control over it." So, ethics notwithstanding, it is impossible to control whether what he supplies is used by dictatorships to break into BlackBerrys and spy on dissidents, or against opponents in a democratic political campaign.
However, having a vulnerability is not always enough for an attack. Typically, an attack requires a combination of two factors: a technical vulnerability, the open door, and a human one, which requires our invaluable complicity, mostly by opening an email with an infected attachment. Today, with the rise of social networks and the large amount of information we project onto them, the human side is weaker than ever. Put another way: through the Internet, any criminal who sets his mind to it can, with a little time, learn so much about each of us that he could easily use that information to deceive us. The deception consists of crafting a believable email that appears to come from someone we trust, whether a family member, friend or colleague, and waiting for us to take the bait.
"The purpose is to create trust and then steal data," explains Shane MacDougall, a partner at Tactical Intelligence Incorporated, a U.S. company that collects information on the Web for intelligence agencies and the U.S. government. During a break at the Black Hat conference in Amsterdam, where dozens of computer security experts from around the world gather to present and lecture on the latest discoveries or cyber trends, Shane MacDougall reveals that an individual's profile can now be built within hours, when it used to take months. "It's amazing how much information people are able to put on the Internet. The impact of social engineering is devastating, because you can create strong connections and build trust without a trace. This is not about computers attacking computers but about hackers attacking humans."
This information, compiled by applications that comb every social network for both the individual under scrutiny and their family, friends and colleagues, is invaluable in the hands of attackers because it lets them direct and customize their attacks. In the new "global village", whose integration and dynamism exceed those described by Marshall McLuhan, information is, more than ever, power. A power that serves the purposes of cyber actors aspiring to steal something more valuable than personal data: the best-kept secrets of corporations. This is industrial cyber espionage.
Understanding this premise is fundamental to understanding why the company that handles the most information (and therefore the most power?) decided in 2010 to trim its sails in China, the largest Internet market in the world. In January of that year, Google announced it would stop filtering searches on its Chinese portal (Google.cn) following a series of attacks from China against its systems. That decision was the first step toward its inexorable retreat. What had happened to force Google into a collision with the Chinese regime, despite having invested billions of dollars in China since 2006? Had the company of "don't be evil" suddenly rethought its policy of accepting the censorship prevailing in China? What had caused this "change of strategy"? No one outside the company's top leadership knows for sure what the bait was. Surely it was something much more sophisticated than the classic message we all regularly receive from supposed Nigerian bankers about fortunes to be collected. Maybe it was an e-mail with a PDF attachment predicting the next quarter's financial results. Or an email detailing, in a Word file, the meeting agenda for the following week. Perhaps it was just a link sent from the address of a close friend that redirected to a website about the best wineries in Sonoma Valley, if the victim was a lover of Californian wines. What we do know is that it was designed to target a dozen company executives, and one took the bait. It was through that human error, that opened e-mail, that clicked link or that opened document, that the architects of Operation Aurora managed to penetrate the heart of the Internet's most powerful company in late 2009.
With one foot inside, the machinery devised by the hackers was set in motion. The human error had made it possible to plant a Trojan horse. But that was not enough. The information had to be extracted through a secure and discreet communication channel. And it was a vulnerability in Internet Explorer that allowed the bleeding. The hackers took advantage of the flaw in Microsoft's browser to create an encrypted connection through which gigabytes of data flowed, for months and quite surreptitiously. Imagine a line of dozens of vans leaving Google's premises 24 hours a day, laden with documents full of strategic information. And no one noticed.
The Chinese are asking, why spend 40,000 million to develop a technology if you can steal a million?
The attackers gained access to the very depths of the system, stealing at least part of Google's source code, something like the company's DNA. But their ambition was not limited to the U.S. search engine. In a coordinated action supposedly executed from two Chinese schools with links to the Army (Shanghai Jiao Tong University and Lanxiang Vocational School), dozens of U.S. companies (some sources even speak of thousands), among them Dow Chemical, Symantec, Adobe, Yahoo, Lockheed Martin and Northrop Grumman, suffered a massive theft of intellectual property as part of Operation Aurora. In San Francisco, the cradle of U.S. technology, the systematic theft to which they are subjected has put all its businesses on alert. But nobody feels comfortable talking about it.
That is why the tension is palpable when Dmitri Alperovitch appears in the lobby of a luxury hotel in the Californian city and invites us up to his suite. It took many emails before one of the men who knows most about the intricacies of Chinese cyber espionage agreed to see us. "I am happy to help, D.," he said, concisely, agreeing to help after weeks of being chased. His attitude was common among the few people who really understand what is happening. The large-scale theft of Western intellectual property by China is the most sensitive of all the dangers lurking on the Web. For the journalist it is a constant struggle to obtain testimony: victims, analysts, experts, politicians and even the leading lights of the industry, Symantec and McAfee, refused again and again to answer our questions on this specific topic. Google itself dodged the issue on the grounds that it did not want to "inject speculation." So Alperovitch's testimony was worth crossing the Pacific to interview him in person.
"For years I carried out these activities against the commercial sector. But until 2009 or 2010, most companies simply were not aware, they would not know or would not talk about it. The Google case is what opened the debate," said the former vice president of threat research at McAfee Labs. This young, wide-jawed man of unmistakably Russian features has for years headed investigations into the attacks on U.S. firms and is the author of the report most embarrassing for China, the famous Revealed: Operation Shady RAT. Published in 2011, it uncovered the biggest attack to date against entities around the world: more than 70 government agencies, including the International Olympic Committee, the United Nations and the Governments of India, the United States and Vietnam, and private entities in strategic sectors such as energy and telecommunications, were infiltrated by Chinese hackers for months.
"With this study we wanted to make public what is happening. This is a national security issue, not only for America but for the Western world. Because what they are stealing is intellectual property, and our economies are based on that, on knowledge. We have already lost all manufacturing to China, and that's not coming back. If our economies also lose the advantage that knowledge provides, what do we have left? We'll all end up working at McDonald's," he argues. "The concern among the business class is huge. There is a lot of frustration. Nobody knows what to do, because it is so persistent ... And it's a similar situation to the challenge of terrorism: to protect yourself you need to get it right a hundred percent of the time, but they only have to get it right once. And often they succeed at the first attempt; they do not need a hundred."
The thirty-odd people interviewed for this article in Barcelona, Beijing, Bangkok, San Francisco, Amsterdam and Moscow agree that China is the most active player in the theft of intellectual property through network infiltration. Chinese hackers are meticulous and coordinated, and know exactly what type of information they are after: business strategies, plans for the latest military aircraft or multimillion-dollar reports on the oil reserves held in certain regions of the planet. Richard A. Clarke, former adviser to President George W. Bush on cyber espionage issues, says the "government of Beijing has become a global kleptocracy". Alperovitch and other authoritative voices do not go that far, but have little doubt about the role of the Chinese state in these operations.
"Is it the state itself, or does it simply encourage these activities? Is it the Chinese SOEs? It is difficult to know. But there is no doubt that, at least, these activities are tolerated by the Chinese state and are probably encouraged by it," he concludes. "The scale indicates that there are two guys with computers installed in a garage. It takes thousands of people. Especially for analyzing the terabytes of information you extract, because we are talking about a global, multidisciplinary theft. So knowledge is required in many fields." The Pentagon was also abundantly clear in its annual report to Congress released in May: "The Chinese players are the most active and persistent perpetrators of economic espionage," says the document. This makes it easy to understand the figures from the British firm Ultra Electronics, which estimates that the cybersecurity sector generates economic activity worth 50,000 million dollars a year and is growing at an annual rate of 10%.
China is, of course, the only country to carry out such activities. Moreover, Beijing denies it and claims to be "a victim of the attacks." "We attacked the West, especially the United States. And stereotypes are used to accuse China of spying and stealing. But there is no evidence of that," said Liu Deliang, a professor at Beijing Normal University and a renowned academic in everything related to the Chinese Internet. Certainly, spying among the great powers is nothing new, but the main motivation is not the theft of knowledge for financial gain, but national security. "The United States argues that it always commits industrial espionage. Actually, it can spy on some companies under some circumstances, such as the fight against weapons of mass destruction," Adam Segal, an analyst at the Council on Foreign Relations (CFR), said in an interview.
"The Israelis and the French do it too [online industrial espionage], but the difference is scale. If Israel or France are stealing something from us, it is just a business. The scale of China is much higher." The structure of the Chinese state only reinforces these suspicions. It is not only that state enterprises, whose boards are controlled by Communist Party members, pursue on five continents the strategic objectives set by Beijing, from securing oil and minerals to conquering new markets for goods made in China. It is also that these corporations are leading China's race up the value chain in areas where, for now, Western technology makes the difference: telecommunications, natural resources, renewable energy and biotechnology, as well as the aerospace, military and space fields. Coincidentally, those are the main sectors targeted in industrial cyber espionage operations (Aurora, Shady RAT, Nine Dragons, Titan Rain). An analyst who requested anonymity summed it up as follows: "The Chinese are asking, why spend 40,000 million dollars to develop a technology when you can steal a million?". "China wants to stop being the world's factory in the long term," summarizes Segal. "Cyber espionage is part of its efforts to reduce its dependence on Western technology."
The secrecy of the companies affected prevents a reliable estimate of the economic impact of this theft. Their opacity is motivated by two factors: fear of economic retaliation in the form of lost market share if they accuse China directly, and fear of the impact on their share price if they admit that privileged information has been stolen from them. "A senior telecommunications executive recently told me: 'I know that the Chinese are stealing everything, but I have reached an agreement for $10 million with China Telecom that will catapult the results of this quarter, so I cannot say anything,'" said Alperovitch.
"There is a lot of cynicism and a lot of short-term thinking on the part of companies," agrees Scott Borg, whose agency, the U.S. Cyber Consequences Unit, examines the cyber threat to the United States. "This is potentially the greatest theft of intellectual property in history, if the Chinese know how to make use of everything they are obtaining," he says. Perhaps that is why the governments of the U.S., Germany, the UK and Japan have not hesitated to publicly accuse China of being behind the attacks on some of their businesses. Estimates put the annual cost of the Chinese bleeding at a figure ranging from tens to hundreds of billions, for the U.S. economy alone. The situation is so serious that the issue is high on the bilateral agenda of the two world powers.
Experts point out, however, that the biggest episode of industrial cyber espionage came not from China but from a collaboration, supposedly, between Israel and the U.S. It was mid-2010 when the name Stuxnet began to circulate, a virus that had infected millions of computers worldwide. Nobody thought at first that the most sophisticated malware created to date was an operation attributable, almost certainly, to the secret services of one or more nations with the mission of attacking Iran's nuclear program.
In the industry there is no doubt that "it was the industry's elite programmers who created Stuxnet". The virus was so perfect that it required five years of preparation and included four zero-day (unknown) vulnerabilities, for which millions were paid out to ensure the success of the attack. The virus had a life of its own: it spread across computers, constantly mutating to avoid detection, and self-destructed when it had achieved its objectives. That happened at the end of that year, when Iran stopped enriching uranium at its plant in Bushehr because the centrifuges operated by a Siemens SCADA system had been rendered useless by Stuxnet. A computer virus had achieved what even a military strike would have obtained: delaying the nuclear program of the Islamic Republic by at least five years. A few weeks ago, another virus, Flame, was discovered on Iranian computers. It is estimated to be between 20 and 40 times larger than Stuxnet.
Stuxnet reopened the debate over what is perhaps the biggest concern of states today: how to protect a nation's infrastructure? Can national security be defended against criminals or intelligence agents operating from anonymity and, at times, with impunity?
"The future of the Internet will be ubiquitous, but within limits and under centralized control," predicts Segal, of the CFR. That means that if you imagined this century as a single, internationalized virtual space, without borders or state intervention, you must abandon that idea. The operations against Wikileaks and Megaupload, but especially the regulation of the Net in Asia, point in a new direction: the end of the Internet and the emergence of many Internets. That is, the decline of the "global village" and the rise of an interconnected archipelago where each island governs its territory and its foreign relations as it sees fit.