In a bland, anonymous tower at an undisclosed address in the British capital's Docklands area, Len Hynds, head of the UK's National High Tech Crime Unit (NHTCU) surveys the East End of London and reflects that nothing much has changed in the murky world of organized crime.
Criminals still pursue easy cash through fraud, extortion and theft; it's just that these days they have much better technology at their disposal. For example, online gangsters looking to extort money use "distributed denial of service" (DDoS) attacks instead of threats of violence.
Using thousands of computers around the world that have been infected with malicious programs, criminals can marshal "botnet armies" to bombard a Web site's servers with requests, thereby using up most or all of the available bandwidth. The site slows to a crawl or grinds completely to a halt. And an online business can't earn any money if its Web site is not working.
ILLUSTRATION MOUNTAIN PEOPLE
"It's a classic protection racket," Hynds said. "It's what East End gangsters have been doing in this part of town for a while -- knocking on businesses' doors and asking them if they can afford a fire."
The main difference is that, thanks to the Internet's borderless nature, organized crime groups have been able to go global in one easy bound.
"We've seen a massive increase in extortion demands," Hynds says. "At the moment they're focused on the online betting and gaming industry in particular."
These sites are especially vulnerable because punters can easily go elsewhere if a bookie's site is down. Peter Pedersen, chief technology officer of online betting company Blue Square, says: "We were attacked early on in the year. We received extortion demands by e-mail half an hour before the attacks began."
The extortionists demanded up to US$40,000 a time. But Pedersen says Blue Square didn't -- and won't ever -- pay up, although he admits the attacks cost them business.
"It's like 1,000 people barricading a supermarket so you can't do your shopping," he says.
The attacks can last for half an hour or several days, with the "botnet armies" making thousands of network protocol requests, or issuing requests for false pages that force the Web site's servers to display error messages. Either way, the site can't function properly and revenue is lost.
The NHTCU warns companies never to pay up.
"It's the type of organized crime that doesn't go away even if you do pay," Hynds said. "It comes back after a little while."
William Hill's online activities include casinos, poker, arcade games and fixed-odds betting, accounting for around 20 percent of the group's ?6 billion (US$11 billion) turnover. It, too, has been targeted by Internet extortionists. The company was hit by a DDoS attack the weekend before the Cheltenham Festival.
Spokesman David Hood says: "The attack lasted about 24 hours. We were as prepared as you can be. We managed to control it to a degree, but we didn't eradicate it completely. We were working at 60 percent capacity."
What surprised Hood and several other companies within the industry is the apparently random nature of the attacks. For example, not many criminals staged attacks to coincide with the Grand National steeplechase race in April.
Instead, Hood says: "We had another attack after the Grand National. This made us think that it wasn't necessarily organized crime behind it. The language in the e-mails was very bad."
The extortionists were demanding sums between US$10,000 and US$50,000. Despite the apparent amateurishness of the extortion attempts, Hood is in no doubt about their technical prowess.
"Their ability to coordinate a DDoS attack is quite impressive," he says.
Talk within the industry has these attacks coming from the US, the far east and eastern Europe.
"Our evidential trail often leads us to eastern Europe," Hynds said.
Although many other online betting companies have been targeted this way, most are reluctant to talk openly about their experiences for fear of attracting more unwanted attention. They are also keen to play down the problem for fear of undermining confidence in the industry.
A spokesman for one leading online bookie said: "We don't want publicity because it acts as a red rag to a bull. We suffered one or two minor outrages in the springtime. An attack closed down the homepage of the site. Our customers suffered a delayed service. We put in a few preventative measures, but we know they can't guarantee us protection. The problem certainly hasn't gone away."
So how much money have online bookies lost as a result of attacks by extortionists? Even talking anonymously, the companies are reluctant to reveal how much the crime costs.
Hynds says: "Accurate figures are hard to come by. You can assess the cost of rebuilding a network that has been attacked by a virus, or how much money a business lost if it was forced offline. But what you can't measure is the loss of customer confidence, the damage to a business's reputation. What formula do you use?"
But a survey commissioned by the NHTCU suggests that annual losses incurred by UK business through high-tech crime in general amounts to billions rather than millions. Some 167 companies revealed that they had lost ?195 million over 12 months. Extrapolating that figure across the whole of UK business leads to a figure in the billions.
Last August, CryptoLogic, a Canadian software company that develops online casino games, admitted a hacker had cracked one of its gaming servers and changed the software to make every craps and slot machine player a winner. It's the kind of scam punters dream of.
For a few hours, 140 gamblers managed to rake in $1.9m -- and keep it because the fraud wasn't their fault.
And it isn't just the online betting and gaming industry that is vulnerable to online crime. Any business whose model is primarily Internet-based is a potential target.
The NHTCU reports a marked increase in the number of "phishing" scams, whereby criminals using spoof e-mails and Web sites attempt to trick banking customers into revealing their security details.
And consumers are also at risk from "advance fee" scams. There can't be an Internet user who hasn't received an e-mail purporting to come from some high-ranking African official seeking help smuggling millions out of the country. All you have to do is pay an administration fee before you get your cut of the loot. Amazingly, the UK's National Criminal Intelligence Service says people are still falling for it.
We, the public, are partly to blame for the increase in Internet crime. Hynds says: "There are hundreds of thousands of compromised computers around the world, and it's going to become more of a problem as more people move to always-on broadband. Home users aren't using anti-virus software and firewalls correctly."
In other words, if you don't protect your computer, criminals can surreptitiously upload "malware" onto your system and then use it to take control of your computer. You may be an unwitting foot soldier in a botnet army -- a sleeping partner in crime.
So how is business protecting itself against Internet crime? The online betting and gaming industry is understandably reluctant to go into detail, but Internet experts have developed software that can detect DDoS attacks as they begin to happen. Companies can then switch operations to back-up servers.
But Blue Square's Peter Pedersen doesn't believe the industry should be left to fend for itself.
"One of the biggest problems is that ISPs don't seem to be working together to crack down on this, nor do governments. In many countries a DDoS attack isn't even illegal. It's a global phenomenon -- the attackers can be as distributed as the attack," he said.
And one thing the government could do is give the NHTCU more money. Its annual budget is just ?9.3 million, yet it has to combat online fraud, extortion, hacking and virus-writing, Class A drug trafficking and child pornography.
While clearly proud of what his multi-agency unit of 57 staff from customs, intelligence, army and police backgrounds has achieved, Hynds admits: "I could probably deploy 100 percent of my resources against child pornography and keep them gainfully employed. But we have finite resources and we have to prioritize our activities."
Despite its small budget, the NHTCU exceeded its performance targets last year by dismantling 13 organized crime groups and disrupting another 12. And there are many more to catch.
Looking out over the Manhattanesque landscape of London's Docklands, Hynds knows that while their methods may have changed, the criminals certainly have not.
There is much evidence that the Chinese Communist Party (CCP) is sending soldiers from the People’s Liberation Army (PLA) to support Russia’s invasion of Ukraine — and is learning lessons for a future war against Taiwan. Until now, the CCP has claimed that they have not sent PLA personnel to support Russian aggression. On 18 April, Ukrainian President Volodymyr Zelinskiy announced that the CCP is supplying war supplies such as gunpowder, artillery, and weapons subcomponents to Russia. When Zelinskiy announced on 9 April that the Ukrainian Army had captured two Chinese nationals fighting with Russians on the front line with details
On a quiet lane in Taipei’s central Daan District (大安), an otherwise unremarkable high-rise is marked by a police guard and a tawdry A4 printout from the Ministry of Foreign Affairs indicating an “embassy area.” Keen observers would see the emblem of the Holy See, one of Taiwan’s 12 so-called “diplomatic allies.” Unlike Taipei’s other embassies and quasi-consulates, no national flag flies there, nor is there a plaque indicating what country’s embassy this is. Visitors hoping to sign a condolence book for the late Pope Francis would instead have to visit the Italian Trade Office, adjacent to Taipei 101. The death of
By now, most of Taiwan has heard Taipei Mayor Chiang Wan-an’s (蔣萬安) threats to initiate a vote of no confidence against the Cabinet. His rationale is that the Democratic Progressive Party (DPP)-led government’s investigation into alleged signature forgery in the Chinese Nationalist Party’s (KMT) recall campaign constitutes “political persecution.” I sincerely hope he goes through with it. The opposition currently holds a majority in the Legislative Yuan, so the initiation of a no-confidence motion and its passage should be entirely within reach. If Chiang truly believes that the government is overreaching, abusing its power and targeting political opponents — then
The Chinese Nationalist Party (KMT), joined by the Taiwan People’s Party (TPP), held a protest on Saturday on Ketagalan Boulevard in Taipei. They were essentially standing for the Chinese Communist Party (CCP), which is anxious about the mass recall campaign against KMT legislators. President William Lai (賴清德) said that if the opposition parties truly wanted to fight dictatorship, they should do so in Tiananmen Square — and at the very least, refrain from groveling to Chinese officials during their visits to China, alluding to meetings between KMT members and Chinese authorities. Now that China has been defined as a foreign hostile force,
RSS