http://www.techweb.com/se/directlink.cgi?WIR1997051912
Criminal Information On The Wires
By Douglas Hayward
A Russian criminal gang breaks into a bank undetected after immobilizing
the alarm system with a blast of electromagnetic energy. Hundreds of miles
away in Holland, a criminal mastermind keeps one step ahead of the police
by bugging and deciphering even their most secret communications. These
two events, though far apart, are part of the same frightening phenomenon:
the growing use by criminals of sophisticated information warfare (IW)
techniques and technologies borrowed from the military and security
services.
Information warfare is the art of monitoring or attacking your enemy's
communications and information networks. IW techniques range from overt
physical attacks aimed at damaging or destroying communications and
computer networks to covert "virtual" attacks -- such as tapping
communications or hacking computer files -- which rely for their effect on
being undetected. Information warfare also includes elements of propaganda
and psychological operations, such as jamming enemy broadcasts and
replacing the content with your messages.
Show Me The Money = Show Me The Crime
IW used to be a technique used by generals and spies, but now it's
something happening on the streets in any town.
"A great part of IW now takes place in the field of computer-related
crime," says Captain Freddy Gevaert of the Belgian national police, the
Gendarmerie. "We have gone beyond the world of tangible goods and stepped
into a virtual world where data is knowledge, knowledge is power, and
power is money. And where you find money, you find criminal
organizations."
Most business organizations have become totally dependent on their IS and
communications networks. If you can raid the computer files of a bank with
impunity, you can steal money electronically, which happened to the
Citicorp bank in 1995, when a Russian criminal hacker group illegally
transferred an estimated $12 million. Russian criminal gangs have also
used IW hardware devices -- such as electromagnetic pulse guns that knock
out communications systems using intense energy bursts -- to immobilize
banks' alarm systems.
A recent criminal investigation in Holland showed how criminal gangs are
using IW techniques not just to attack commercial targets, but also to
harass and outmaneuver police and judicial agencies.
Too Advanced To Follow
"In the early 1990s, we found ourselves dealing with an opponent who was
technologically ahead of us and who was therefore very difficult to
follow," says Piet Kruijer, a chief inspector in the Amsterdam police. "We
discovered that information warfare can be used against the police force
and civil authorities as well as against industry and military
organizations."
Kruijer's opponent was an Amsterdam gangland boss, Charles Zwolsman, who
created a sophisticated counter-intelligence organization, backed by
impressive hardware and software technology, to destabilize the police
investigation into his operations.
Zwolsman's private intelligence agency, dubbed the "Service Department" by
Kruijer, operated as five separate groups, or "cells." As with military or
terrorist groups, each cell worked independently and only communicated
with others when necessary. A group calling itself the
"counter-observation team" (COT) shadowed police personnel and passed on
intelligence -- including home addresses and license plates of police
personnel -- to Zwolsman. A second group of wiretapping experts -- dubbed
the "scanner freaks" -- developed and installed wiretapping equipment,
with the help of people within the Dutch telephone company and local
universities.
Two separate groups of hackers -- one politically motivated and another
more criminally oriented -- monitored police IS and communication systems.
"These groups succeeded in cracking the analog encryption used by many
Dutch government services," Kruijer says. "They could decode our
conversations within three days of interception."
A fifth group, known as the "technical criminals," developed the IS and
communications infrastructure supporting the others. This group also
recorded and analyzed all pager messages sent by the Dutch police, 24
hours a day, using bespoke hardware and software.
Psychological Warfare Against Police
Using the inside information acquired from monitoring police
communications, Zwolsman kept one step ahead of the Amsterdam police for
months on end. But he also waged a destabilizing psychological war against
Kruijer's people, using information gathered by the COT and the
wiretapping units.
"We discovered that our communications were being tapped, computers and
files were disappearing, attempted burglaries were made on houses of
investigating officers, and our people were subjected to threats and
blackmail attempts," Kruijer says. Transcripts of conversations
embarrassing to the police and the judiciary were also leaked to
journalists, he adds.
Zwolsman was only defeated after Kruijer identified and pursued key
members of the service department during an 11-month period, ending with a
wave of house searches and arrests in September 1995. Zwolsman and several
associates were convicted, and the organization was broken -- at least
temporarily.
The experience taught Kruijer two lessons: that criminals are building
technological infrastructures potentially more powerful than those used by
the police; and that the authorities must change the way they operate.
"Since the Zwolsman case, we've managed to raise the awareness of this
sort of problem within our organization, but we are always going to have
people within the police who underestimate the problem," Kruijer told a
recent conference organized by the National Computer Security Association.
Keeping Abreast Of Criminal Activities
One way to protect police against IW attacks is to bring IS expertise into
the investigating team itself. This is a move considered radical by some
police traditionalists, because it involves IS personnel crossing the
boundary between "operational" and "administrative" duties. But Kruijer
says it's necessary if the police are going to keep abreast of
technology-literate criminals.
"It is important that technical experts become part of the investigating
team, and that they can develop techniques to help the investigation,"
Kruijer says. "We have got to work on our techniques and make them more
creative, and we've got to change the mentality of our organization."
Is the Zwolsman case an isolated incident? Kruijer and his colleagues
believe not, and they're probably right. The tools and techniques used by
Zwolsman's service department are universally available. Even some of the
detailed raw information needed by criminals is up on the Net. For
example, political groups sympathetic to the Irish Republican Army have
posted extremely detailed information about the Northern Irish police
force on easily accessible Web pages.
The Dutch police are now moving to a digital voice network, which is
harder for criminals to crack. But the challenge for them and for other
forces will be to keep one step ahead of criminals who are increasingly
technologically sophisticated.
Received on Wed Apr 29 14:16:56 1998