With each passing day it’s becoming clear that law enforcement organizations are gaining more insight into the cybercriminal community.
Once upon a time no one seemed to really know who was behind various attacks. But today, between Operation Ghost Click, which led to the arrest of cybercriminals in Estonia, and the flamboyant behavior of Russian cybercriminals -- plus countless more high-profile cases -- it's clear law enforcement officials are getting better at identifying cybercriminals.
Now there is word from Microsoft that it suspects a former employee of a provider of anti-virus software to be behind the Kelihos botnet attacks. Microsoft’s lead attorney, in a blog post, names Russian citizen Andrey Sabelnikov as a defendant in a lawsuit in which Microsoft alleges that he "wrote and/or participated in creating" the Kelihos software that infected thousands of machines.
Jamz Yaneza, threat research manager at Trend Micro, says it’s clear cybercriminals are pretty well-organized. But just like organized crime figures of lore, they are subject to petty squabbles and a tendency to brag about their exploits by living lifestyles that tend to attract a lot of attention. Ultimately, that makes it easier to identify them and turn them against each other, especially when leniency is offered in return for evidence against their cohorts.
Of course, it works both ways. The case of the former Microsoft employee shows it’s possible to seduce cybersecurity professionals into switching sides. Worse yet, it’s hard to know if cybercriminals have been brazen enough to plant spies within any number of cybersecurity organizations.
At the end of the day, cybercriminal activity is not all that different from more traditional forms of organized crime. Obviously, the way the crime is perpetrated is new, but the ways in which cybercriminals operate are not all that different from anything that has gone on before. But security companies are obviously lending a helping hand in terms of identifying cybercriminals, which means catching these people will become increasingly easy as they continue to reveal their identities. And once all the international legal issues are addressed, it’s only a matter of time before more arrests are made.