"Fatal System Error" is a true-life tale of how U.S. mobsters and Russian gangsters have exploited the Internet and the Web over the past decade to rake in the money. Author Joseph Menn of the Financial Times shows how cybercrime, techies and law enforcement get tangled up from Florida to Costa Rica and from Russia's Moscow and St. Petersburg on out to Kazakhstan.
Fatal System Error is a true-life tale of how U.S. mobsters and Russian gangsters have exploited the Internet and the Web over the past decade to rake in the money. Author Joseph Menn of the Financial Times shows how cybercrime, techies and law enforcement get tangled up from Florida to Costa Rica and from Russia's Moscow and St. Petersburg on out to Kazakhstan.
The first half of the book tells the story of Barrett Lyon, who as founder of Prolexic Technologies seven years ago applied his skills to protecting customers, a number being in the online gambling industry, against denial-of-service (DDoS) attack from extortionists who were bringing down their sites and demanding tens of thousands of dollars to go away. Lyon's technical expertise pinpointed the young Russian cybercriminal Ivan Maksakov, helping a multi-national team of investigators bring Maksakov and others involved in the DDoS extortion racket to justice in a Russian court three years ago.
But Lyon, portrayed in the book as a twenty-something CTO surrounded by high-rolling sponsors from gambling firms in their offshore havens as the U.S. passes laws against online gambling, can't escape the feeling some of his customers are involved in criminal activities themselves.
And after distancing himself from Prolexic a few years ago, Lyon, at the request of the Florida division of the FBI, agreed to wear a hidden microphone. He used it to converse with Prolexic's then-CEO Darren Rennick, who, according to Menn's book was "installed by the gambling men," infuriating Lyon as he watched Rennick continue to sell his Digital Gaming Solutions casino-style software right in the Prolexic office.
"I felt a moral obligation to expose this industry," says Lyon, now 31 years old. The Internet and the Web are a "new cultural phenomenon" that offers both the good and the "horrible. I don't think a lot of people understand the inner workings of the offshore gaming industry. "
Hollywood, Fla.-based Prolexic was acquired by Philippines firm IPVG in 2008. "We put this behind us ages ago," says COO Gus Cunningham. "This is dredging up ancient history."
Cunningham says he's only seen brief excerpts of Menn's book, which officially appears Tuesday, and attorneys for Prolexic will be carefully reading it with the expectation of making a statement regarding it. He says Rennick left the firm about two and a half years ago. Prolexic retains customers in the online gaining industry, as well as many other types of industries including financial services.
Since leaving Prolexic, Lyon went on to co-found BitGravity and now is launching another firm, San Mateo, Calif.-based 3Crowd Technologies, which next month will be coming out of stealth mode with technology for data transfer, including video, on the Internet.Author Joseph Menn says Lyon, whose role in wearing a concealed microphone until now hadn't been made public, "took an enormous risk here. The books outs him as unknowingly working for the mob."
But as eye-popping as the book's portrayal of bookies and wise-guy swagger is, even while technical experts were said to be fending off network attacks for their servers, the second half of the book is even more mind-blowing.
It's here that Menn tells the tale of British investigator Andy Crocker with the United Kingdom's National Hi-Tech Crime Unit (NHTCU) back in 2003, which like the FBI had also received Lyon's information about DDoS attackers. Crocker retired last year and shared his story.
Crocker got on the trail of DDoS attacks because Canbet, an Australian betting company with an office in Portsmouth, England, had told British authorities that it had suffered crippling attacks and was wiring tens of thousands of dollars to Latvia via Western Union to appease the DDoS attackers.
With that, Crocker's adventures, which lead into Russia, begin as he navigates a tangle of government bureaucracy, eventually hooking up with his Russian counterpart, Igor Yakovlev, a colonel in the 40-man Investigative Committee in the Ministry of the Interior (known by its Russian acronym MVD) . The MVD is said to operate like the FBI, but also runs police departments in every city.
In a friendship fueled in part by vodka as British agent Crocker shows he can keep up with Yakovlev on that score, the two eventually round up cybercrook Maksakov in the small Russian town of Balakovo at his parents' house. Maksakov shares some information about the botnet he was using for DDoS attacks, and the thousands he was making in extortion, but they get the impression he's just the tip of the iceberg. And with that, investigation leads into stolen credit-card rings, money mules, and perhaps most troubling, the sense by Crocker that "local or national officials were protecting some of the people he wanted."
One action even includes Yakovlev warning Crocker not to open his hotel room door at night for anyone because it turned out that one suspect in the city of Astrakhan, Alexander Petrov, was the son of the police chief. But when Crocker gets wind of the existence of what is called the Russian Business Network (RBN), his perception of the scale of Russian cybercrime grows as the suspects at a St. Petersburg company, apparently tipped off, make off with servers emptied from a rack shielded behind heavy metal doors just as investigators arrive.
According to Menn's book, the RBN is believed to "offer hosting and connections to the Internet, and probably much more. This gives it a layer of deniability: it can always be said that someone else bought technology services and used them for criminal ends without the company's knowledge." In 2007, RBN got too much attention and dropped its public Web site.Menn's book, tapping security experts Kimberly Zenz, Don Jackson, David Bizeul, Paul Ferguson and Mikko Hypponen, as well as the only person whose name remains undisclosed and referred to as "Jart Armin," traces a long list of cybercrime offenses back to RBN.
"Armin believes that the RBN started out as a conventional, if proficient circle of hackers," Menn writes. "Then it had a merger with one of the most powerful traditional organized crime groups in Russia, the Tambov gang of St. Petersburg."
A key figure in RBN is said to go by the name Flyman, and though possibly "the world's largest supplier of child pornography," this individual remained off limits to arrest, because according to an unnamed MVD investigator, "Flyman's father is an influential St. Petersburg politician who used his leverage and money to persuade law enforcement authorities to prevent do-gooders from pursuing the case."
Zenz is quoted as saying, "Flyman is a very rare type, in that he has both mafia protection and political protection on a very strong level."
And as Menn's book veers into this controversial topic, he continues, "The full truth is that a number of enormously powerful national governments, especially those of Russia and China, have picked the blossoming of the Internet age as the time to ally with organized crime."
Menn argues the benefits outweigh the cost, "and organized crime is so endemic in Russia that some argue the government itself is an ongoing criminal enterprise."
Fatal System Error asserts that the services of the RBN were used in DoS attacks and information stealing and Web defacement related to Georgia's government networks during the armed conflict the two countries had during August 2008. On a trip that Menn made to Russia, he says he met with Eugene Kaspersky, CEO of security firm Kaspersky Labs, and some of his researchers, saying "I was writing about the hunt for the world's worst cyber criminals, and that a decent proportion of that group appeared to live nearby."
Kaspersky reportedly responded that the "worst" could be said to be connected to a cyber heist of a Sumitomo bank branch in London in 2005 with the arrested being Israeli, Swedish and U.K. citizens, though Menn adds that attack failed. Kaspersky also is reported to have said the worst attacks were the viruses Sasser, Blaster and Slammer, none of which involved making money. According to the book, Kaspersky indicated he doubted the Russian government would engage in politically motivated attacks against Georgia.
Menn's book suggests he found Russia an inhospitable place for an investigative journalist. He says the Russian government's security agency "FSB instructed the MVD not to cooperate during my trip to that country, informing the agency that I was 'probably' a spy. Inside the hotels where I stayed, muscled security guards kept track of whom I met and spoke into wireless mouthpieces when I moved."
In an interview, Menn says his research indicates that when it comes to the RBN and a connection to the Russian government, "the difference of opinion is what arm of the Russian government or how high in the government."Menn's book is so incendiary in the assertions it makes about organized crime in both the United States and Russia, it raises the question whether Fatal System Error may put his life in some jeopardy.
"I don't anticipate ever going to Russia again," Menn says. "And if anything bad happens to me in the U.S., that will be news."
Copyright 2009 IDG Magazines Norge AS. All rights reserved
Postboks 9090 Grønland - 0133 OSLO / Telefon 22053000
Ansvarlig redaktør Henning Meese / Utviklingsansvarlig Ulf Helland / Salgsdirektør Tore Harald Pettersen