GameOver ZeuS: Combatting the Global Threat of CyberCrime

Although cybercrime is no longer a new threat to global security, it has remained an important and growing concern for both domestic and international law enforcement agencies. The very nature of cybercrime requires American law enforcement agencies to reach out to their international counterparts to work together in tracking down criminals. This need for international cooperation has led state leaders to create new pieces of legislation that monitor and prosecute those who commit international cybercrimes.

The FBI Cyber Division has the definitive top 10 most wanted list of international cyber criminals with the list split fairly evenly between those from Russia and China. The Chinese suspects work under the PRC’s 3rd Department of General Staff while the Russians are mainly independent with strong ties to the Russian mob. One suspect on the list is not an individual but rather a group called “JabberZeus Subjects”, a collective of criminals who are infecting millions of computers across the world with a malicious piece of software known as “GameOver ZeuS”. Zeus’s success comes from the number one suspect on the FBI’s list, Evgeniy Mikhailovich Bogachev.


Bogachev is a 30-year-old career criminal living openly and freely in Anapa, Russia. His software, known as GameOver ZeuS or GOZ, is a botnet that uses keylogging or form grabbing to acquire banking information and then makes transactions through “money mules”, typically individuals who fall victim to phishing attacks. GOZ also installs “Cryptolocker”, malicious software known as ransomware that blocks access to critical files or documents until a fee is paid. GOZ spreads through spam and compromised URLs, infecting computers in 226 countries with the majority in the United States of America and Europe. GOZ communicates with other infected systems through a P2P network, allowing them to attack vulnerable infrastructures in tandem. GOZ has been used as a network for DDoS attacks against financial institutions and can prevent victims from accessing their compromised accounts. This has led to over $100 million in losses for victims in the USA alone.

The spread of GOZ has prompted coordinated efforts by law enforcement officials in Canada, Britain, the Netherlands, Ukraine, and Luxembourg to stop the spread of the malware at its source. Led by FBI agents in Pittsburgh, Omaha, and Washington D.C., a federal grand jury in Pittsburgh unsealed a 14-count indictment against Evgeniy Bogachev for “conspiracy, computer hacking, wire fraud, bank fraud and money laundering in connection with his alleged role as an administrator of the Game over Zeus botnet.” Although the charges are an important step to bringing Bogachev to trial, the FBI faces a number of problems with prosecution. The FBI must rely on cooperation with Russian officials to turn over Bogachev and although cooperation with Russian authorities has been “productive”, there has been little effort made to turn Bogachev over to the international legal organizations seeking his arrest.

Since 2001, the international community has been working together to address cybercrime, improve investigative techniques, and increase cooperation amongst nations to combat cyber criminals. Beginning with the Budapest Convention, the international community has begun creating treaties that work to prevent cybercrime. However, due to the complexity of creating a standard set of rules dictating the prosecution of criminals around the world, there is still much work to do. Cyberterrorism and cyber-warfare are also important topics of discussion, and there has been increasing legislation to combat this growing threat. Trade agreements such as the Wassenaar Arrangement, which ban the sale of weapons, have now been expanded to include hardware and software that can be used to compromise the infrastructure of a nation’s telecommunication systems.

What does the future hold for law enforcement agencies combatting criminals sitting behind their desks thousands of miles away? Increased cooperation between governments is the first step, allowing law enforcement agencies to apprehend suspects and to take them to trial. Beyond that, creating systems that are increasingly secure and complex to thwart the next GOZ is critical. Finally, it is imperative that the general public is educated on how to protect themselves against phishing and other common techniques used by computer criminals.


Photo Courtesy of “Cliff” (License)

The Cold War and Plan C

The Soviet Union, on November 22, 1955, detonated a hydrogen bomb with a yield of 1.6 megatons – catching up to the United States’ nuclear capabilities. The H-bomb, a weapon deriving most of its energy from the nuclear fusion of hydrogen isotopes, was roughly 1,000 times more powerful than the atomic bombs dropped on Japan. The U.S. government, in April of 1956, concerned about the prospect of nuclear annihilation, drafted, practiced, and planned for a doomsday scenario.

Cold War-era documents recently released to MuckRock per a Freedom of Information Act request to the FBI show that the U.S. government had plans to implement martial law as a countermeasure to an impending nuclear war. Plan C, as it was called, involved the declaration of martial law, the evacuation of top American personnel to secret offices, and the immediate detention of 12,949 individuals with ties to “subversive organizations.”

Of the 30 pages that have been released so far (over 100 pages are still being processed), none identify precisely who the 12,949 individuals to be detained were; they state only that about 500 people in Washington D.C. and 400 in New York who were “enemy diplomatic and official personnel” were to be taken. Initially, Plan C was to go into effect when the international situation was of utmost gravity but before actual war broke out. The plan went through a number of iterations as different people in the chain of command got involved. It was never distributed widely and the plan was ordered destroyed in 1957.

Martial law has been instituted in the United States on the national level only once, during the Civil War, and on a regional level only once, during World War II. The Supreme Court in Duncan v. Kahanamoku said that the term martial law carries no precise meaning, but generally the institution of martial law permits government military personnel to make and enforce civil and criminal laws. Other common features include the suspension of certain civil liberties and suspension of the writ of Habeas Corpus. Under Article I, Section 8, Clause 15 of the Constitution, Congress has the power to “[call] forth the Militia to execute the Laws of the Union, suppress insurrections and repel invasions.” Article II, Section 2, Clause 1 declares that “[t]he President shall be Commander in Chief of the Army and the Navy of the United States, and of the Militia of the several States, when called into the actual Service of the United States.” The Supreme Court has interpreted both clauses to allow the declaration of martial law by the President or Congress.

The United States is (arguably) no longer ensnared in a Cold War stand-off. But contingency plans in the event of nuclear war or a comparable doomsday scenario are likely in place. Whether modern-day plans involve the declaration of martial law and detention of thousands of individuals is a question for future FOIA aficionados.


Photo Courtesy of CC0 Public Domain.

U.S. Nuclear Policy Modified

The United States recently announced a revised nuclear policy which greatly implicates international affairs and national security. Perhaps one of the most notable revisions prohibits the use of nuclear weapons in response to any conventional, biological or chemical attack, provided that the aggressor is a non-nuclear state or abides by the Nuclear Non-Proliferation Treaty.

The revised nuclear policy of the United States is also meant to encourage Russia to continue negotiations with the U.S. regarding the reduction of nuclear weapons stockpiles. The Senate has ratified the new Start arms reduction treaty, yet Russia has hesitated to co-operate, citing the potential threat of a U.S. missile defense system. Russia’s foreign minister, Sergei Lavrov, stated that “Russia will have the right to abandon the Start treaty if a quantitative and qualitative buildup of the US strategic anti-missile potential begins to significantly affect the efficiency of Russia’s strategic nuclear forces.”

Russia and Venezuela Sign New Energy Deals

The Prime Minister of Russia, Vladimir Putin, recently signed nuclear power plant and space industry bills with Venezuela. While in Caracas, Putin also made a down payment for Russian rights to oil exploration in the Orinoco River Belt. Evo Morales, the Bolivian president, was also in attendance, seeking loans for military hardware and to discuss oil exploration in Bolivia. The visit was hugely important to the Venezuelan President, Hugo Chavez, who stated that the plans for nuclear power were for peaceful purposes; he added, “we aren’t going to make a bomb.” Venezuela has recently undergone a series of blackouts and is looking for a nuclear solution to fix the problem.

Chavez repeatedly stated that Venezuela was not building an alliance against the United States. Amongst his rhetoric about the benefits of nuclear power, Chavez spoke of his aspirations to install a satellite launcher and factory in Venezuela. One spokesman for the U.S. Department of State criticized Chavez’s astronomical aspirations by stating that Venezuelan efforts to expend resources on its people should perhaps be focused on the “terrestrial rather than the extraterrestrial.”

Read More at the BBC.

Second Wave of Terror Strikes Russia

At least 12 people were killed, and 23 injured, by a string of suicide bombers in Russia’s North Caucasus region on Wednesday. The attacks, which appear to be coordinated, also might have been linked to Monday’s bombing. While relations in Dagestan had been improving under the leadership of Russian president Dmitry Medvedev, these attacks signal a key step backward in that progress. Dagestan borders the volatile Chechnya region, which is seeking to establish an Islamic Emirate. Prime Minister Vladimir Putin took to the airwaves to vow retaliation for the recent string of attacks. He also made clear that he was unconcerned with where in Russia the attacks occurred, a sign which experts speculate may lead into a new round of conflict in the war-torn region.