Weekly Schedule
  Message Boards
  Transcripts
  Video Archive
Get New Responses

Automatically Update Page

Submit Question

Discussion Areas
  Politics
  Nation
  World
  Metro
  Business
  TechNews
  Sports
  Style
  Entertainment
  Travel
  Health
  Home & Garden
  Post Magazine
  Food & Wine
  Books & Reading
  Viewpoint
  Jobs

  About Live Online
  About The Site
  Contact Us
  For Advertisers

TechNews: Cybersecurity Section
TechNews.com
Talk: TechNews message boards
Live Online Transcripts Subscribe to washingtonpost.com e-mail newsletters
mywashingtonpost.
com -- customized news, traffic, weather and more


Subscribe to the weekly Live Online E-Mail Newsletter and receive the weekly schedule, highlights and breaking news event alerts in your mailbox.


Cybercrime: Hacker Series
With Ariana Eunjung Cha
Washington Post Staff Writer
Tuesday, May 20, 2003; 11 a.m. ET

The global Internet has created a near-borderless world, where information and ideas flow constantly at the speed of light. But a new breed of criminal has emerged over the past decade to take advantage of holes in computer network security. Hackers have proven adept at raiding corporate and indivudal computers, stealing everything from confidential financial information to intellectual property.

In a three-part series, The Washington Post this week explores how one group of Russian hackers was able to shake-down U.S. companies to the tune of millions of dollars. The series highlights the difficulties law enforcement officials worldwide have in fighting cybercrime.

Day 1: Internet Dreams Turn to Crime
Day 2: A Tempting Offer for Russian Pair
Day 3: Despite U.S. Efforts, Web Crimes Thrive
Interactive Graphic: Key Players and "Anatomy of a Hack"

Join Post staff writer Ariana Eunjung Cha on Tuesday, May 20 at 11 a.m. ET, to discuss the series.

The transcript follows.

Editor's Note: Washingtonpost.com moderators retain editorial control over Live Online discussions and choose the most relevant questions for guests and hosts; guests and hosts can decline to answer questions.


Ariana Cha: Hello and welcome! I've received tons of phone calls and emails about the series so I'm happy to be here to answer your questions.

Mt. Rainier, Md.: It was a great series, very informative. Maybe you should be writing mysteries on the side! It's depressing though how you brought out in the last article the fact that the Russians feel few if any moral qualms about the hacking. It seems they even feel stealing credit card data and using them is a 'grey area'? Well, I guess we have enough Americans who feel stealing from big companies is morally not a biggie. But even their professor thinks this is great? - Whew!

washingtonpost.com: Despite U.S. Efforts, Web Crimes Thrive (Post, May 20)

Ariana Cha: Thank you very much.

Well... to understand how some people in Russia feel about hacking it might be helpful to think about how people in the United States used to think about littering a few decades ago. You might recall how people used to throw soda cans and candy wrappers out of car windows and it wasn’t considered particularly bad. Nowadays, people are more conscious about environmental issues. This isn’t an exact parallel ofcourse but it helps to explain how a country’s/culture’s thinking about what’s right and wrong develops over time.

Arlington, Va.: Geez your story is incredible. Absolutely mindboggling that they are getting away with what they are doing. My question is about the hackers in Russia. How did you track them down and how did they react when you found them?

Ariana Cha: I went to Chelyabinsk with very little information about the rest of the “Expert Group.” I did have a short list of suspected accomplices but since some of them were only known by their online aliases I was skeptical that I could track them down. My goal was just to knock on doors--Internet cafes, bars, schools, corporate offices, etc.--and see what I could turn up. Well it took me forever to find the people I found and I never did find some of them. The strange thing was that each time I would reach someone, the first thing he would say to me was: “I’ve been waiting for your call.”

Washington, D.C.:
What a gutsy thing to do! To go over there and talk to these criminals. Did you feel threatened to keep quiet? Did you feel you were in danger?

Ariana Cha: Honestly, I was nervous the entire time I was in Chelyabinsk. I emailed my editors every day with my schedule and I had my interpreter with me at all times. (He’s a boxer and had been to the area before so that made me feel a little bit safer.)The only time I felt threatened was when I started asking around about one of the hackers on my list. Several people warned me to stop asking about him. The rumor was that he had some thugs rough up a local reporter after she began to ask questions about his involvement in Gorshkov and Ivanov’s crime. So I stopped asking about him.

Silver Spring, Md.: Why would someone that had hackers break into their business turn around and offer to represent them and then want them to have assylum? This does not make sense. Is this story for real?

Ariana Cha: An excellent question.

When Jon Morgenstern, the president of E-Money, first heard from these hackers he had the same gut reaction you seem to be having: that these guys are bad and that they deserve to be in prison. But after talking to them four or more times a week for several months he came to have a different view. He felt sorry for them. Surprisingly, that kind of reaction wasn't uncommon. I called many other executives at victim companies and nearly all had some empathy for the young men. Even the prosecutors I spoke with described Gorshkov and Ivanov as “nice guys.”

Silver Spring, Md.: I'm struck by how brilliant these kids were. If Russia is full of all these brilliant minds, why can't we tap them for LEGAL purposes?

Ariana Cha: After the fall of the Soviet Union, companies from all over the world came to recruit the scientists and technicians the country is so famous for. Camera companies in Japan, for instance, snapped up a lot of the former government workers specializing in lenses. Recently, U.S. tech industry has been trying to, as you put it, tap the talent in Russia, too. Last fall, Intel announced they would open up three research facilities at universities there. VC and angel money is also starting to come in. Esther Dyson, for instance, has told me that she has been to Russia several times and has invested in some startups. But it’s going to take time before there’s a viable tech industry there.

Washington, D.C.: Your article on the Russian hackers is fascinating and at the same time scary with the twist of Sherlock Holmes. Why aren't the Russians interested in controlling these criminals? Is there any international body which is in charge of setting some codes of conduct in controlling the cybercriminals that should be followed by the countries?

Ariana Cha: If you ask Russian government officials, they ARE interested in controlling crime on the Internet. They will tell you some of the laws need to be strengthened and that they need more funding for trained cybercrime investigators. The G-8 and the Council of Europe have been working to try to come up with a solution but for something to work they’ll have to get every country in the world to agree-not a simple task.

Washington, D.C.: The U.S. pays former Soviet scientists to do peaceful research in hopes of keeping them from selling their ideas to hostile nations. Why doesn't Microsoft or Cisco or whoever pay these smart kids to work for them?

Ariana Cha: An intriguing idea. Perhaps they should!

Barrington, Ill.: I am quite certain we have brilliant minds here in America. If you hack here in the United States particularly against U.S. targets, I presume it is easier to go to prison more immediately. I suspect that the hackers in Russia have a greater freedom of hacking against U.S. targets without the ability to be brought to justice as easily. What do you think?

Ariana Cha: Absolutely.

The FBI and Secret Service have some very smart people investigating cybercrimes and in the case of the “Expert Group” hacks they were able to pretty quickly figure some of the people who were responsible. The problem is that they were in Russia. It struck me as very strange that I as a regular citizen could go hang out with these alleged hackers in Russia but that our law enforcement officials are forbidden from going there to investigate.

Arlington, Va.: If one of the FBI agents won praise for his work, why is there a criminal investigation into his work with this case.

Ariana Cha: Well the Americans and the Russians obviously have very different perspectives on this case.

Baltimore, Md.: How much are Russian hackers tied into organized crime syndicates?

Ariana Cha: That’s probably the biggest mystery here.

I heard all sorts of rumors while I was in Russia about who was in charge of the hackers. One name in particular kept coming up and I confirmed with U.S. law enforcement sources that this guy in fact exists and could be “at or near the top of the food chain”in these hacking cases and linked to a larger and more dangerous crime group. But I never did manage to find this guy.

Louise Shelley, a professor at American University who studies white collar crime, has told me that she believes much money laundering takes place electronically nowadays which means that hackers (or at least computer experts) must be involved.

Alexandria, Va.: Have you stayed in touch with Gorshkov? What does he plan to do when he gets out? How likely is it that he'll return to Russia and a life of hacking?

Ariana Cha: I received a letter from him about a week ago and have been in touch with his family and friends in Russia via email. He said he hasn't decided what to do yet. One close friend told me she believes he'll take some time off and try to get to know his daughter Anastasia (he's never met her since he was arrested before she was born.) As for the hacking question, I would hope he has learned enough skills during the time he was in prison so that can finally get his legitimate company off the ground.

Falls Church, Va.: Why didn't Ivanov want to talk to you for the series?

Ariana Cha: Ivanov initially consented to an interview but then declined after he learned I had learned he had told U.S. officials about his alleged co-conspirators in Russia. As is understandable, he's concerned about his safety.

Washington, D.C.: Did you discover any instances where the hackers failed to keep their word... did they ever violate a promise to not distribute credit card information after a victim company paid a negotiated payment or did they ever receive a negotiated payment in exchange for a disclosing security flaw that didn't exist?

Ariana Cha: Yes, in a few cases. But for the most part, these guys were gentlemen. They kept their word.

Washington, D.C.: Let's face it when you push that send button your vitals can end up any where. A hacker may be able to follow back to your computer based on what you send and how much you put out there. I feel it's not always a good idea to use the internet when doing business with numbers,like bank or credit card, or doing business that is 'very' personal to you. And any body who would do business in an online auction is insane!

Furthermore what do you think of protecting E-mail not just from hackers, but let's say an over intrusive gov't or corporation? Couldn't there be some form of shield or cyber-envelope(if not already in existence)that would emulate the conventional envelope used in 'snail mail'. Then vital info could go through cyber space from sender to sendee, only to be opened by the receiver, without being vulnerable to theft by outside parties?

Ariana Cha: A lot of people I know encrypt their email. Phil Zimmerman's PGP or "Pretty Good Privacy" is quite popular.

Arlington, Va: Interesting piece. It seems almost as if these guys were treated with kid gloves because of their economic and social circumstances in Russia. I wonder if you think the same treatment would be extended had some pasty-faced 20-something hacker group been responsible for these attacks?

Ariana Cha: I think U.S. prosecutors would beg to differ. They worked very hard to put these guys away for a long time. In fact, the U.S. attorneys in Seattle had asked for a very long sentence for Gorshkov. It was the judge who struck it down to three years.

Annandale, Va: Very good article, thank you. These guys got caught in part because of their boldness but also due to their naivete about how the law works. There are probably hundreds of hackers doing the same thing here in the states, but going about it a lot more carefully. Do you think these guys would ever have been caught if they had been less careless, and what does that say about the ability of our law enforcement agencies to stop this sort of activity?

Ariana Cha: It's hard to say. The U.S. has caught some hackers who weren't so sloppy. "Mafiaboy" who launched those attacks on Yahoo, CNN and other big Web sites in 2000 for one.

I think our cybercrime investigators are considered among the top in the world but it's the nature of the Internet that makes everything difficult. The Internet and much of the software that runs on it was built on the notion of trust, that most everyone was a "good citizen" who would behave so there are a lot of security issues.

Barrington, Ill.: Do you think it is feasible to set up an Internet border patrol as a way of keeping non-US Internet traffic scrutinized for malicious intent in the same way we have customs and restrictions at our national borders, harbors and airports? Is it possible that our technology shops in the United States have the joint wherewithall to counter threats like those that the Russian hackers posed?

Ariana Cha: Some companies are already doing this. They are blocking email and other communications from Internet addresses in certain countries. (This is mostly a consquence of too much spam.) The technology is there but many people object to it because it defeats the whole purpose of the Internet--to be the a global communications medium. Plus, what's to prevent a hacker from hijacking a U.S. computer and using it to launch attacks?

Ariana Cha: Well that's all we have time for today! Sorry I wasn't able to answer everyone's questions. Thank you so much for joining in.

washingtonpost.com:

That wraps up today's show. Thanks to everyone who joined the discussion.

Stay Tuned to Live Online:
What's Cooking: Kim O'Donnel, Noon ET
Gene Weingarten: Funny? You Should Ask, Noon ET
Strength & Fitness: Marty Gallagher, Noon ET
Levey Live: Rick Atkinson, Noon ET
Cybercrimes: Hacker Series, 1 p.m. ET
Station Break: Paul Farhi, 1 p.m. ET
Lean Plate Club: Sally Squires, 1 p.m. ET
'The Teammates': Author David Halberstam, 2 p.m. ET
America & Genocide: Author Samantha Power, 2 p.m. ET
Teacher Says: Fun With Math, 2 p.m. ET
Iraq: Role of Women, 3 p.m. ET

Keep up with the best Live Online has to offer and special breaking news discussions. Sign up for the Live Online e-mail newsletter.


Automatically Update Page    |   Get New Responses   |   Submit Question

© Copyright 2003 The Washington Post Company