As I read the latest cyber crime news -- at least 1.5 million Visa and MasterCard accounts have been compromised, perhaps many millions more -- for once I don't feel disheartened. There's a decent chance that the criminals who pulled off this heist will go to jail.
Every public speaker and writer likes a good catchphrase or refrain that will grab the audience's attention. One of mine: Whenever you read that a superhacker has been arrested, it's never the superhacker. Even when we know who the superhackers are, we can't arrest them. They operate with near impunity. Why stop if you can never be caught?
For two decades, my pet rant was true -- but the tide has turned. These days, some of the biggest fish are being arrested. My friend Brian Krebs from Krebs on Security has long been documenting the rise and, at last, the fall of Russian cyber criminal enterprises. For years, Brian collected (nonjudicial) evidence on how the Russian gangs operated, who ran them, and how much money they made. Brian was a major thorn in their sides, but they continued to operate. This year, however, most of Brian's stories about the Russians have ended with shutdowns and arrests. Finally, the people who've been stealing tens of millions of dollars each year are being put behind bars.
It's not just the Russian cyber crime gangs. Botnet operators around the world are getting taken down. Hacktivists who steal information and launch denial-of-service attacks are getting caught. Criminals are turning on each other in an attempt to reduce their sentences. Spam kings are being successfully sued and put behind bars. Scareware scammers are being identified and taken to court. All in all, the last six months have been hugely victorious for the good guys.
Hacker: A shift in public perception
What changed? First and foremost, public opinion has shifted. Hackers are no longer perceived by the general public or court systems as the innocent, misguided, mischievous teenagers who have been the stereotype since the 1983 film "WarGames." This shift in public opinion is significant because the accused are often tried by a jury of their peers. Today's malicious hackers are seen as criminals, pure and simple.
Years ago, if a kid was caught hacking his school's computers, he'd get a stern lecture from the principal and probably end up working in the school's computer lab. Today, that kid gets expelled and likely arrested. Years ago, spammers were slapped on the wrist when they had their day in court. Today, they spend time in jail. A decade ago, computer virus writers were almost celebrated. These days a malware writer, if caught, will almost certainly be arrested and probably sued in civil court. I'm not sure why it took so long for public opinion to change -- perhaps it's because so many of us have been inconvenienced or victimized. We've had enough.
OS and antimalware vendors are getting better at tracking suspicious activity and shutting down botnets and command-and-control (C&C) centers. For example, just last week, Microsoft and several partners shut down several large Zeus botnets. This sort of operation is no longer unusual. Microsoft can point to at least three other recent botnet takedowns, and the FBI and other cyber crime fighters claim successful takedowns of the Kelihos spam bot, the Spanish Mariposa botnet, the Coreflood botnet, and DNSChanger.