The benefits of living in a digital, globalized society are enormous; so too are the dangers. To answer this question, Glenny offers a vivid examination of the rise of the criminal hacking website DarkMarket and its ultimate fall. Along the way, he presents alarming and illuminating stories about both the shadowy individuals behind its scenes and the organizations tasked with bringing them to justice. Essential reading.
|Published (Last):||20 September 2006|
|PDF File Size:||20.86 Mb|
|ePub File Size:||15.60 Mb|
|Price:||Free* [*Free Regsitration Required]|
Shelves: non-fiction A strong, compelling work of modern literary journalism. Leaves one fearful for our ignorance and vulnerability in this particular area of crime. Jan 08, Xing Chen rated it really liked it Published in , an action-packed account of the events and characters involved in the rise, operation and decimation of several high-profile online marketplaces that provided a venue for scammers, credit card fraudsters, hackers, and such cyber criminals, to build reputations, form connections, and exchange goods and services.
Key insights from the book: Cultural, political, legal and societal differences between countries give rise, as with any criminal activity, to loopholes that Published in , an action-packed account of the events and characters involved in the rise, operation and decimation of several high-profile online marketplaces that provided a venue for scammers, credit card fraudsters, hackers, and such cyber criminals, to build reputations, form connections, and exchange goods and services.
Key insights from the book: Cultural, political, legal and societal differences between countries give rise, as with any criminal activity, to loopholes that lawbreakers exploit. Certain countries adopt lax attitudes towards cyber crime, and have neither the interest nor the resources to devote towards combating it. Some countries turn a blind eye to it as long as their national companies and infrastructure are not the ones being targeted.
In countries where corruption is common within political and law enforcement bodies, criminal activity is not only ignored but abetted. With luck and care, as long as circumstances remain favourable, wrong-doers may conduct their business unmolested. Examples of features that are country-specific: -In an earlier era, although illegal activities were perpetrated throughout most of the world, French criminals were generally francophone, used the Minitel system rather than the Internet, and used American credit cards, not French ones.
The Minitel system was more secure, and had a smaller user base, making it a less attractive target. Thus, cybercrime in France was initially restricted in its scope, to a relatively national level. All Russian ISPs must comply with this regulation, and have to pay a fee to fund the cost of the system.
Encryption is illegal in Russia and possession of a file with a digital lock on it is a crime. Russian cybercriminals are free to clone credit cards, hack bank accounts and distribute as much spam as they want, as long as their victims are located in western Europe and the US. Details such as the time and volume of traffic are monitored, although the content is not. Collaboration between governmental intelligence agencies and international counterparts can be patchy.
The US SS and the FBI, for example, have sometimes failed to share information with each other, resulting in competition and redundancy. Intelligence agencies in France, Germany, and the UK, would have to work with each or one of these organisations, instead of dealing with a single entity, resulting in extra overhead and consumption of resources. ICQ and IRC are dynamic- unless exchanges are saved intentionally, no trace of the conversation is left. Ironically, these services did not always confer as much anonymity as users believed.
Following the arrest of E-Gold founder Douglas Jackson in , for example, government agencies had full access to its records, unbeknownst to most users. The Canadian webmail provider, hushmail, provided the police with log records after mounting pressure, in Safemail is an encrypted email system, owned and run b a company in Tel Aviv. If an Israeli court subpoenaed certain information, then presumably it would be possible to obtain and crack the mail.
The underlying message is, that services are run by companies and people, and even if a system is allegedly failsafe and secure in theory, when implemented, theory is confronted by the messy squishy real world, which often offers affordances for one to pry open the cracks.
If, for example, law enforcement agencies infiltrate or are involved in the setting up or running of such services themselves, then hackability is practically built into the system. For example, a highly-valued service was the provision of an escrow system, similar to that offered by a bank or a marketplace such as eBay and Amazon: site administrators acted as a neutral third party, overseeing transactions between members, and thus replacing inefficient and unrealistic trust-based direct interactions with an impersonal, reliable workaround.
Skills could be combined and traded: those with a background in programming, hacking, or engineering could design and sell software and equipment, while those equipped with street smarts but lacking in that sort of technical know-how could purchase or rent equipment and carry out thefts in the flesh. Purveyors of stolen credit card details could sell their wares to buyers, who in turn performed the physical and risky act of withdrawing cash.
Sellers of skimming devices could dispatch their machines to those who lacked the ability and time to design, build, and engineer their own, but who were willing to install them on ATMs. A strategy used by DarkMarket at one stage when it achieved a monopoly over the distribution of skimmers , was to sell the machines together with a PIN pad that was designed to be installed over the existing, legitimate one.
Encrypted PINs would be recorded on the fake pad, and the buyers of skimmers had to send the data back to the sellers for decryption. Money mules are oft-unsuspecting people who respond to advertisements offering money for little work, in which money is deposited into their bank account before being forwarded on, and the mules take a percentage as their cut.
A theme common to this book and McMafia is that of the economic and social landscape in countries like Brazil, Russia, India and China, where access to relatively high levels of education are combined with rising material aspirations amidst massive wealth disparities, thus creating fertile conditions for the proliferation of cybercrime.
But in DarkMarket, Misha Glenny describes meeting Brazilian hackers who ran a phishing operation along these lines and "secured tens of millions of dollars for themselves from bank accounts in Brazil, Spain, Portugal, the United Kingdom and the United States". As Glenny observes, "if a hacker sends out several million spam emails, he does not need a high response rate in order for it to be worthwhile". A few years ago, the British anti-spam website spamhaus. In , Master Splyntr was made one of the administrators of DarkMarket, a website dedicated to facilitating the exchange of information — above all, stolen credit card details, extracted either through phishing scams or illegal "skimming" machines piggybacked on to cash dispensers — between hackers, "carders" credit card fraudsters , spammers and other cyberthieves. Glenny conducted more than hours of interviews to gather the material for DarkMarket, speaking to most of the major players on both sides of the law.
DarkMarket by Misha Glenny - review
DarkMarket: Cyberthieves, Cybercops and You