Wednesday, October 27, 2010

Cyber crime and the Netherlands

A criminal computer network in the Netherlands was dismantled on Monday, and the main suspect arrested in Armenia less than a day later. A Dutch expert has hailed the operation as unique, but the Netherlands still ranks seventh on the global list of countries most plagued by cybercrime.
The dismantlement of the Bredolab network has been made much of, mainly in the Netherlands but elsewhere too. The arrested Armenian appears to have used 143 servers in the Netherlands to infect three million computers worldwide, disseminate spam and steal passwords to hack into bank accounts.
The police operation that broke up this 'botnet' is another success for the high profile National High Tech Crime Team of the Dutch national police. However, the authoritative computer magazine PC World wondered whether the Netherlands has itself broken the law by uploading software on the 143 servers in question to warn users that their computers have infected with Bredolab, a password-stealing malicious software program.

Why is the Netherlands one of the main exporters of criminal computer software? The country hosts 2.2 percent of all infected networks, called botnets, earning the Netherlands a seventh place on the global list of countries most plagued by cybercrime.
The country with its fast, multi-branched network is located on one of the main hubs of the digital highway. And some of the biggest hosting providers have their head offices here. The providers host the servers used by criminals to spread their malicious software.
Joran Polak, editor-in-chief at Security.nl says it’s the top providers who are the weakest link in the chain.
“Because of their size it is very difficult for them to check a whole network, which makes it just a little bit easier for a cyber criminal to avoid being detected compared to smaller hosting providers who know all their customers and know who they are dealing with."
Fox.IT is a company which alerts banks and hosting providers when criminals have infected their networks with malicious software. The company also assisted forensic investigators in their operation against the Bredolab network.

Marketing manager Joost Bijl says the Netherlands is in the vanguard of the fight against cybercrime, but it could do more. For instance, Dutch police lack the authority to strike back via the internet and crack down on foreign cyber criminals. Simply put: using their own weapons to take the fight to foreign criminals.
“Cybercrime Public Prosecutor Lodewijk van Swieten would love to have the authority to do just that, and
enable him to hack the hackers. However there are legal hurdles to be cleared. Taking the fight to the cybercriminals means attacking a network in another country, and to the best of my knowledge there are as yet no laws that make that possible.”

Privacy issues

Cracking down on foreign cybercriminals and their computers easily leads to conflicts with all kinds of legislation, including privacy laws. Wim de Bruyn, spokesperson for the Public Prosecutors’ Office, says this is one of the reasons the Dutch police do take action unilaterally, even though they do have the means.
“At present, this would mean breaking the law. And even though it’s technically feasible, legislation must be
enacted before we can use these methods.”
So while cybercriminals can strike across the globe with just a few mouse clicks, forensic investigators still have to travel far and wide to catch the perpetrators. It is up to the minister to amend existing legislation without sparking a row with his foreign colleagues.

Day Opening - October 27

Nightscape Aurora, Norway