[ISN] Russian hackers forced into trade by poor economy

From: InfoSec News <isn_at_C4I.ORG>
Date: Mon 23 Apr 2001 - 01:35:16 CDT
http://www.startribune.com/viewers/qview/cgi/qview.cgi?story=84005216&template=business_a_cache

Cox News Service
Monday, April 23, 2001

MOSCOW -- Height: unknown. Weight: unknown. M.O.: has ability to move
invisibly over great distances, speak multiple languages and destroy
the civilized world as we know it.

Vasyl Kondrashov matches the FBI's definition of the 21st century's
Public Enemy No. 1 -- except for one thing. This 28-year-old who feeds
his wife and toddler by teaching people how to break into other
people's computers doesn't think what he does for a living is a crime.

"Hacking isn't necessarily a crime, just like a knife isn't
necessarily dangerous. It all depends on the person behind it," said
Kondrashov, who heads what he calls a civilian hackers' school in
Odessa, Ukraine.

"I see my task as giving knowledge as well as the responsibility to
use it for good and not evil," he said.

Long known for producing science and math virtuosos, Russia and other
former Soviet republics in recent years have garnered a reputation as
the source for some of the world's most devious hackers.

The mastermind behind the Microsoft network break-in last October was
traced to a Russian e-mail address. The highest-profile prosecution of
a cyber-crime to date was Russian Vladimir Levin's conviction in 1999
by a Florida court for stealing $12 million from Citibank accounts.

The post-Soviet region is an incubator for talented, and often
jobless, prodigies able to imperil e-commerce and computer systems
everywhere, say law enforcement officials in Moscow and Washington,
D.C. Indeed, the elements are a dangerous mix: advanced technical
knowledge common among university graduates, an uneven legal system
that often lacks the means and the sophistication to pursue hackers
and a population too poor to buy anything but pirated computer
products.

"Cyber-crime is bloodless, so some people delude themselves that this
is not a serious crime. These guys are a menace to society," said Col.
Anatoly Platonov, the deputy head of the Russian Interior Ministry's
unit for high-tech crimes.

Series of online chats

The view of Kondrashov and many of his computer colleagues, who spoke
to Cox Newspapers in a series of online chats about their work, is
more morally ambivalent.

A graduate of the prestigious Odessa State University, on the Black
Sea some 1,000 miles south of Moscow, Kondrashov said he learned much
of his computer security skills on the job. He worked as the network
administrator for another Ukrainian university, then as a computer
network security expert for the Ukrainian armed forces.

Now he is employed as the network administrator for the local office
of an international charity. It is a plum position, but one that
doesn't pay him enough money to support his family. His wife, a
schoolteacher, earns only $250 per year, while his parents, both
retired, each receive $10 per month on their government pensions.

The skills Kondrashov had to offer in Ukraine's shattered economy were
his hacking abilities.

"Nothing works in my country, and the government is corrupt. Morally,
I do not support my government. I support my family. My little girl
wants to visit her grandparents in the summer, but how am I supposed
to pay, if not with my skills?" Kondrashov asked.

"We have a proverb: To live with wolves is to howl like a wolf," he
added.

Two years ago the computer whiz began teaching after-school
programming classes to high school students in town. About 300
students came to his classes last year to learn PC troubleshooting and
common yet sophisticated programming languages such as C and Perl, he
said.

As his professional reputation spread, he began receiving e-mails from
what he terms "more advanced" students looking to "gain knowledge for
knowledge's sake." Together, they navigate silently through
cyberspace, opening and closing files in private companies' networks
-- not to steal or destroy, Kondrashov insists, but to stretch their
mental muscles.

"I don't teach offensive maneuvers to my students, just skills you
need to know to defend your system from intruders," Kondrashov said.
"My rule is never say goodbye by destroying something."

Russia gets tough

In Russia, the Interior Ministry is deaf to this gospel of ethical
hacking. The agency's high-tech unit, called Department R, has
launched a get-tough campaign against computer criminals. Last year,
it arrested 1,375 people and prosecuted 468 different cases involving
computer-related fraud and property damage.

The extent of the problem is difficult to gauge and the Interior
Ministry would not divulge its estimates of the proportion of active
hackers it has not nabbed. However, industry estimates say only about
25 percent of computer-related criminals are caught.

Among the department's biggest cases is the cyber-thief known as
Maxus, who last fall posted on the Internet 25,000 credit card numbers
he had stolen from online retailer CD Universe. Maxus is still at
large.

Mostly, the department's daily activity focuses on the flourishing
pirated software market and the common practice among hackers of
stealing user-names and passwords for Internet access, a major reason
cited by America Online when it shut its Moscow office in 1998.

Two weeks ago, the daily grind at the department turned exciting when
the detectives received a tip about an underground club in
northeastern Moscow called Club Shaitan.

Typical of Internet clubs around the Russian capital, no coffee is
served at Club Shaitan. It's a regular hangout for neighborhood
teenagers. The only problem, Platonov says, is the computer games they
play come from pirated CDs and the e-mail they send goes through a
jury-rigged system that allows the owner to avoid paying for online
access.

"This may seem like a small fry," he said. "But places like this are
where the hackers of tomorrow start out. We want to tell kids we are
out here and we are serious."

ISN is hosted by SecurityFocus.com
Received on Mon Apr 23 03:07 CDT 2001