Hackers and Sith Lords Roam Ukraine's Cyber Badlands
The taxi driver peers into the rain and shrugs. There’s nothing resembling a government building in this bleak industrial district on the edge of Kiev, just overgrown tram tracks and scrapyards patrolled by dogs.
We’re here to meet Colonel Sergiy Demediuk, Ukraine’s top cybercop, to find out why this former Soviet state, known more for mining coal than data, spawns so many of the most-wanted digital crooks. If anyone can catch them, the colonel can, but he too is proving difficult to find. Finally, a guard emerges from a dingy cluster of peach-colored structures to wave us in.
“The new breed of cybercriminals is out of control,” Demediuk, 38, says in a second-floor office adorned with a portrait of the 19th century poet Taras Shevchenko. Tieless and sporting a smartwatch, the colonel says hackers no longer respect the old code of targeting any country but your own.
In the Internet age, bad guys can tap into your home or business from anywhere, giving them a reach national police forces can’t match alone. As a result, cops in hacking hot spots like Ukraine have become key players in the global effort to dent the estimated $400 billion trade in online crime.
Ukrainians and Russians have been at the vanguard of hacking for almost as long as the Internet has been around. But now, with the government in Kiev hamstrung by a recession and a pro-Russian insurgency in the country’s industrial heartland, the number of computer attacks is skyrocketing.
Demediuk’s Department for Combating Cybercrime received 5,000 complaints in the first nine months, two-thirds more than in all of 2014, and the group only handles a fifth of all reported incidents. The government, on life support from the International Monetary Fund and backed by the U.S. and the European Union, recognizes the problem and has found enough funds to almost double the unit’s staff to 400.
From credit-card fraud to laundering, malware to phishing-for-hire, Ukraine’s hacking culture was formed in the chaos that followed the collapse of communism in 1991, when a “very large criminal element” emerged, according to Thomas Brown, a cybersecurity expert at Washington-based FTI Consulting and a former federal prosecutor in New York.
Thanks to its world-renowned technical colleges, there is no shortage of people with the skill set to crack a coding problem for the country's criminal gangs. Before they were hackers, Ukrainians helped build Soviet space rockets and contributed to the Fibonacci theorem in mathematics. There are more than 800 higher education institutions in the country, and about 70 percent of the population attend university.
“It builds its own momentum,” Brown said by phone. “People do it. They become more comfortable with it. It becomes like a growth industry.”
In 2001, a Ukrainian who called himself Boa helped organize a meeting of 150 hackers in the Black Sea port of Odessa that led to the creation of CarderPlanet, one of the world’s first online bazaars for stolen data, according to the U.S. Department of Justice. Boa, whose real name is Roman Vega, was sentenced to 18 years in a U.S. prison in 2013.
More recently, the FBI and U.K. police have traced widespread computer viruses that siphon bank accounts back to suspects in Ukraine. In August, U.S. prosecutors broke up what they called a digital insider-trading ring that stole market-moving announcements from news services. Five people were arrested, but at least eight of 16 overseas suspects are thought to be in Ukraine, which doesn’t extradite its citizens.
Like almost everything else in Ukraine, the fight against lawlessness in cyberspace is hampered by corruption, which Transparency International ranks the worst in Europe.
“Everyone pays bribes,” said Glib Paharenko, a Ukrainian security researcher. If a cop can’t be bought, then a prosecutor or judge can be, he said.
Demediuk says his cops are immune from graft because they have so few opportunities to physically meet criminals and extort payments.
But even if investigators refuse to be paid off, the cash-strapped government can’t compete with the profits black-hat hackers can make, so there’s a mismatch between resources and recruitment, according to Kostiantyn Korsun, a cybersecurity expert at Berezha Security in Kiev.
The free flow of information via the Internet can be a force for good as well as harm. It was a key tool for the protesters who drove Kremlin-backed President Viktor Yanukovych from power last year and it’s helped Ukrainians counter Russia’s well-funded propaganda.
So deeply is this issue ingrained here that there’s even a political party that champions hacker culture -- the Internet Party of Ukraine, whose members dress as “Star Wars” characters and call for the country’s withdrawal from the Financial Action Task Force against money laundering and free computer lessons for everyone, among other things.
IPU candidates have included Emperor Palpatine, who won election to Odessa’s city council, Master Yoda and Chewbacca, who was filmed being bundled into a squad car for failing to show proper identification at a polling station. Men dressed as Darth Vader ran for mayor of both Kiev and Odessa, unsuccessfully, on the same day.
Crime and information technology have gone hand-in-hand for two decades, since fraudsters expanded into advanced digital rackets that the government has struggled to keep up with, Demediuk says.
The colonel recalls bringing a personal computer into work in the mid-’90s and being hailed as an innovator by colleagues who still used typewriters. As late as 2005, most officers still didn’t fully understand how online transfers were used to launder money.
“We knew that Ukraine citizens, Internet users, were making electronic payments, but we couldn’t imagine the scale -- millions of U.S. dollars,” he says.
‘Get a Handle’
The situation is improving, but slowly and haltingly.
Demediuk says he’s in the process of hiring 39 special agents with programming and network-security skills who’ll be paid as much as 30,000 hryvnia (about $1,300) a month, seven times the national average but a fraction of what can be made on the black market.
Even with extra manpower, though, many hackers just flee across the border where police can’t catch them, a journey made easier by Vladimir Putin’s annexation of Crimea and the war in the east.
Ukraine’s government must do better in the battle against cybercrime if it is to achieve its goal of closer ties to Europe and the U.S., according to Brown at FTI Consulting.
“They need to get a handle on this,” Brown said.