World Wide Web of Crime

The Internet is a wide and wonderful world where you can talk to anyone, be anyone, buy anything, or see any place with only the click of a button. But there is a sinister side to the World Wide Web that escapes most people and only pops its head up from time to time, such as when you click a very realistic pop up on your computer while streaming Game of Thrones and end up talking to a guy in Pakistan who claims giving him your credit card number will make your computer run faster. Embarrassing. And every so often cyber crime makes it to the world stage, like when WikiLeaks revealed Hillary Clinton’s private emails during the campaign supposedly thanks to Russian Intelligence Agencies in an attempt to interfere with the American election. There is an underground world of cyber crime that we as users of the Internet encounter every day, without any knowledge of it and it is growing.


Ron Deibert is a Professor of Political Science and Director of the Canada Centre for Global Security Studies and the Citizen Lab at the Monk School of Global Affairs, University of Toronto. Citizen Lab is a project that marries the world of computer programming and analysis with the world of social and political analysis. Through this program Ron Deibert has delved in to the world of cyber crime far deeper than most of us think possible. When Ron Deibert came to Acadia to give the H.T. Reid Lecture on October 21, he shed some light into the dark corners of the Internet, which I will share with you here.


For me, one of the most chilling things about cyber espionage is just how simple it is. As someone who struggles to update her own laptop, it never occurred to me that the guy in the cubicle next to me in the library could be hacking my computer, much less a computer around the world. But it is people like the guy next to me, any person and every person, that can have access to the means to commit cyber crimes. For example, Ghost RAT (Remote Access Trojan) is a tool that allows a hacker to access and export files on any computer they have access to, from anywhere. This tool can be downloaded off the Internet. This means that the guy next to me really can access another my computer remotely.


It was these kinds of people who invented Koobface. Koobface is a cyber espionage enterprise. It works through a system of Trojan horses and viruses that infects unsuspecting Facebook users. Essentially a “friend” already infected by Koobface would send you a link you can’t resist (ie: OMG look at this naked picture of you!). Once you click on the link you are entwined in their web. Viruses redirect you to webpages that send Koobface money for every click, many of which are fake cyber crime enterprises themselves. Koobface entwined people from all over the world into its web before Citizen Lab found the masterminds behind this cyber plot: five Russians in a basement raking in millions of dollars between games of World of Warcraft.


It gets better though. Once Citizen Lab found the culprits they sought to turn them to the justice system. This is new territory for the justice system though. Where do you turn in Russian criminals committing crimes in multiple countries without leaving Russia, who were found by citizens of Canada? Not the justice system, but the private sector. Frustrated with the public sectors inaction on cyber crime, private companies are taking matters like Koobface into their own hands. By publicly exposing Koobface companies can create anti-virus softwares that will prevent Koobface from working so openly. However, Deibert doesn’t expect the criminals to ever be prosecuted by public courts. There is simply no jurisdiction for it.


This isn’t the end though. Russian gamers tricking global citizens into giving away a couple dollars is not the darkest corner of this underground world. Cyber crime gives hackers access to any information they want. And with knowledge comes power and with power comes politics.


Governments around the globe are starting to realize how the Internet can be used for political gain. For example, Chinese hackers employed by the government sent emails to government officials of Tibet, that when opened gave them access to the contents of their computers, much like Koobface, then exported these documents through social media platforms to hide their trail. There are cyber armies popping up, like the Islamic Republic. Russia even used hacking in the 2009 war against Georgia in order to plan ground attacks after hacking into Georgia’s plans of war. Cyber espionage is a tool for more than just making a couple bucks when employed by governments, especially autocratic regimes.


However, government’s using cyber espionage in acts of war still isn’t the worst part. The worst part is that there is no structure in place to regulate the Internet, protect its users, prevent espionage, or penalize cyber criminals. The Internet is a global phenomenon. It knows no boundaries and it knows no law – yet. Sooner or later, the freedom of the World Wide Web may come at a hefty price.