Romania: new citadel of cybercrime
Law enforcement documents portray a loosely organized network of young Romanians conspiring to steal millions of dollars each year from consumers and companies.india Updated: Dec 10, 2003 22:22 IST
It was 56 degrees Celsius below zero (nearly minus 70 F) outside, but the e-mail on a computer at the South Pole Research Center sent a different kind of chill through the scientists inside.
"I've hacked into the server. Pay me off or I'll sell the station's data to another country and tell the world how vulnerable you are," the message warned.
Proving it was no hoax, the message included scientific data showing the extortionist had roamed freely around the server, which controlled the 50 researchers' life-support systems. The FBI traced the e-mail to an Internet cafe in Bucharest and helped Romanian police arrest two locals -- the latest evidence that computer-savvy Romanians are fast emerging as a bold menace in the shadowy world of cybercrime.
"It's one of the leading places for this kind of activity," said Gabrielle Burger, who runs the FBI's office in Bucharest and is working with Romanian authorities to arrest suspects "and avoid the September 11 of cybercrime."
Law enforcement documents portray a loosely organized but increasingly aggressive network of young Romanians conspiring with accomplices in Europe and the United States to steal millions of dollars each year from consumers and companies.
Their specialties: defrauding consumers through bogus Internet purchases, extorting cash from companies after hacking into their systems, and designing and releasing computer-crippling worms and viruses.
Alarmed authorities say the South Pole case underscores the global impact of this new breed of cyber-outlaw.
"Frustrated with the employment possibilities offered in Romania, some of the world's most talented computer students are exploiting their talents online," the US-based Internet Fraud Complaint Center, run by the FBI and the National White Collar Crime Center, says in a new report.
Computer crime flourished in Romania because the country lacked a cybercrime law until earlier this year, when it enacted what may be the world's harshest. The new law punishes convicts with up to 15 years in prison -- more than twice the maximum for rape. Varujan Pambuccian, a lawmaker and former programmer, helped draft the new law after Romania's government realized the nation, which is racing to join the European Union by 2007, was getting a bad online reputation.
"We want a good name for our country," he said. "I'm very angry that Romania is so well-known for ugly things -- for street dogs, street children and hackers." Pambuccian said there was a noticeable decline in criminal activity in the first three months since the law took effect.
More than 60 Romanians have been arrested in recent joint operations involving the FBI, Secret Service, Scotland Yard, the US Postal Inspection Service and numerous European police agencies.
They include the two suspects implicated in the South Pole extortion attempt last May. Both are awaiting trial. Another Romanian pair was arrested on suspicion of extorting cash from Integrity Media of Mobile, Alabama, after information on 30,000 credit card accounts was stolen in March.
Police say several hackers have been convicted, though in lower-profile cases.
Although the Russians are better known for online extortion, Romanians have become major players in the scam, a specialty also favored by criminals from Bulgaria, Poland and Slovenia. Information technology is a Romanian forte dating to the former regime, when the late dictator Nicolae Ceausescu saw computers as a way to advance communist ideology. Software piracy took firm hold during the Soviet era, when Romanians too poor to buy licensed software simply copied it.
Today, Romanians get their first computer lessons in nursery school. Universities have top-notch IT programs whose graduates are heavily recruited by Western companies. Microsoft Corp recently acquired GeCAD, a leading Bucharest data-security firm. But all that know-how has spawned a dark side: Internet vampires who prey on victims half a world away.
The classic scam: Offer high-end electronics or other goods for sale or auction, take the order, confirm the "shipment" -- and simply vanish the moment the consumer has wired payment. The Internet Fraud Complaint Center said it gets hundreds of complaints daily from defrauded Americans. Many cases trace to Romania, where criminals use Internet cafes to elude capture and avoid leaving a digital trail to their home PCs.
Some have developed Web pages that mimic legitimate sites such as eBay, diverting them into the cyberspace equivalent of a back alley. Buyers think they're dealing with eBay, but their money ends up in criminal hands and the goods are never shipped.
The most brazen hack into protected corporate databases, where they copy proprietary information and demand cash on threats of publishing the findings on the open Internet.
This past summer, authorities aided by FBI experts arrested six young Romanians in the Transylvania town of Sibiu after they successfully extorted $50,000 from several leading American corporations, which were not identified.
Virgil Spiridon, chief inspector of Romania's national police and head of a newly launched computer crime task force, said authorities have intercepted online traffic, tracked Internet headers and addresses, searched suspects' homes and seized hard drives. But Mihai Radu of Bucharest-based BitDefender, a data security company, says criminals are smarter than local authorities.