'DarkMarket: Cyberthieves, Cybercops and You' — Exploring the World of Cybercrime

Player utilities

This story is based on a radio interview. Listen to the full interview.

Audio Transcript:

Marco Werman: I'm Marco Werman, this is The World. We're following news today in Egypt and out of Liberia and Greece. Now, to a story about a place where there are no borders, we're talking cyberspace. No borders can mean chaos and that chaos is something that cyber criminals thrive on. Journalist Misha Glenny writes about it in his new book. It's called Dark Market: Cyberthieves, Cybercops and You.

Misha Glenny: Dark Market was the premier English language criminal website from 2005 until its closure in late 2008. And it acted as a sort of department store for criminals who could go there, log on, buy stolen credit card details. They could buy viruses, they could download tutorials on what the latest criminal ideas were for the web. And when I was looking at Dark Market I thought this was a really fascinating way to get into the subject of cyber crime and the lives of the people behind something like Dark Market. And this was made a lot easier by the fact that one of the five administrators of Dark Market was in fact an undercover agent of the FBI.

Werman: Right, well that's what I wanted to ask you next because this was kinda of, Dark Market was one-stop shopping for cyber criminals, but it was administered by an undercover FBI agent, this guy, Keith Mularski, for two years. How did that happen?

Glenny: He had to infiltrate the carding community as it's known.

Werman: Does that refer to credit card fraud specifically?

Glenny: Essentially, although it'll take in things like bank account hacking, certain fishing scams, the famous Nigerian 419 scams for example, advanced fee fraud, you know, this sort of run of the mill daily fraud that you get on the web. So the FBI agent, Keith Mularski, had to create a presence in the criminal underworld first of all that was convincing, and he did come up with an extremely convincing back story that he was a major spammer from Poland. You know, he did this very well and was eventually invited on to become an administrator on Dark Market. He was eventually managing the server, which was an incredibly rich source of information for the FBI.

Werman: And briefly, Misha, what happened to Dark Market?

Glenny: Dark Market was taken down. It had to be taken down because Mularski's identity was exposed, but after that there was the whole series of trying to track down the people involved, trying to arrest them and bring them to trial. And you have to remember that these people involved in cyber crime are all over the world. They come from very different ethnic and social backgrounds. And what was peculiar is despite the diversity of these characters, divergent in every respect except for one, and that was that they were all male, because 95% of hackers are male. They had an incredibly tight community. And when the police started coming after them they actually mounted their own counter intelligence operation across the world to warn carders if they had been fingered by the FBI and other law enforcement agencies such as the Serious Organized Crime Agency in Britain or the Turkish cyber police, because it wasn't just an FBI operation. It involved about seven or eight major police forces around the world.

Werman: Well, it is an intriguing community and I want you to tell us more about what makes these hackers tick. I mean your book is full of characters with names like Lord Cyric, Iceman, Chao and Matrix 001. Once they start doing their cyber crime what's motivating them? Are they poor and they want money or are they smart and they just have an ax to grind?

Glenny: It depends where they come from and it depends what their personality type is. The sort of prototype of all the big criminal websites was founded in a desert in Ukraine in 2001. And this was called Carder Planet and there's no doubt that Carder Planet was about making a lot of money. These were kids growing up in the gangster capitalism that followed the collapse of the Soviet Union, but they had a technical ability. And they said well, all of these credit cards and banks in the west, which were very poorly secured at the time…

Werman: Right, and as you point out, this is also the time of the great big boom in credit cards when everybody in the United States was getting an offer every day.

Glenny: Everyone was getting credit cards. The amount of credit cards in circulation is rising the whole time, and this is like taking candy from a baby for these young kids in Ukraine and Russia. And so you see cyber crime emerges in the so-called brick countries, Brazil, Russia, India and China, particularly Brazil and Russia first of all. But now it is beginning to spread everywhere. Indonesia is now a center. Turkey is a big center. Even countries like Germany and Britain now have very healthy cyber criminal communities, healthy in their own terms as it were.

Werman: Right, now not coincidentally in Odessa in 2002 there was the first conference of cyber criminals that took place. When you heard about this was it clear that something big was starting to happen in the virtual world with crime?

Glenny: This was absolutely wild. It was called the First Worldwide Carders Conference. And these people were so you know, self confident that they invited 400 cyber criminals from around the world to come to Odessa. They held meetings all around the Black Sea port in fancy hotels, in small restaurants. And they discussed things like you know, we've got to do more work on JCB and Diners' cards because you know, we're concentrating too much on Visa…

Werman: Wow.

Glenny: And there are all these easy cards that we can pick up. And they said we need to spread, we need more diversity, we need to spread it to New Zealand, to South Africa, to Brazil, there are all these people waiting to engage in the trade. Now, what was really critical and interesting about the conference was that the first point they made in their press release which they sent all over the world, was we will not tolerate carders attacking the financial institutions of Russia and the other former Soviet Union states, because what had already happened here was a relationship between criminals and the successor to the KGB, the FSB, the securities services, which as long the Russian criminals were attacking cards in the US and western Europe, they weren't going to be busted. If, however, the KGB decided that it needed help for whatever reason they wanted, political purposes, security purposes from that hacking community, they would then call upon them and this is a very sinister relationship that we have, certainly in Russia and one or two other countries…a relationship between the security forces and the hacking community where there's a quid pro quo.

Werman: Hm, how secure is the US compared with the rest of the world to cyber crime?

Glenny: Well, its banking system as we've seen recently remains pretty insecure because Citibank was supposedly one of the most secure banks in the United States and yet just a couple of months ago it lost 200,000 account details. That doesn't look good. And because the United States is so wired and because it was so many digital assets, it is a huge focus for attacks from the rest of the world. And this is both in relation to cyber crime, in relation to cyber industrial espionage, and of course, in relation to cyber warfare and cyber security. And we've just seen this this weekend, this extraordinary report coming out about how the drones, which are being used in Afghanistan and Pakistan in which are steered from Nevada, are now infected with a virus which they don't think is doing anything, but they cannot get rid of it. Now, what if it's a virus that at some point will actually trigger something that will send those drones where they don't intend to be sent as it were? This is very disturbing.

Werman: Yeah, indeed. Misha Glenny's new book is called Dark Market: Cyberthieves, Cybercops and You. Misha, very good to speak with you. Thanks a lot!

Glenny: Thanks a lot, Marco.