Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet
By Joseph Menn
The Cybercrime genre is starting to come in to its own, developing a standard style of first hand accounts from those in the trenches performing daring technological feats of dubious legality. Menn flips the template a bit by following two “whitehats” Barrelt Lyon and Andrew Crocker as they attempt to fight the proliferation of international organized cybercrime. Lyon is the hero hacker who uses his self taught skills to defend companies from DOS attacks. His work brings him perilously close to the world of organized crime. His first clients run semi-legal online gambling sites. The online extortion they are subject to and the protection money they are intimidated in to paying are straight out of the Sopranos. Lyon finds ways to offer legal protection to these and more legitimate companies through the use of sophisticated packet filtering and massive bandwidth reserves although his own company gets tied up with shady investors. He takes the fight to the cybercriminals by actively mapping their informal and formal networks in eastern europe and russia, exposing their mob connections. His attempts to get law enforcement involved go largely ignored.
While the US comes across as either willfully incompetent or good naturedly handicapped by the lack of international cooperation depending on the agency, the British are well ahead and actually pioneer international cyberlaw enforcement through new fashioned detective work. Enter Andrew Crocker a British detective and pioneer in eastern european cybercrime investigation. Andrew builds trust with Russian law enforcement the Russian way, heavy drinking. He manages to get stationed in Russia and actively pursues one cell of Botnet controllers responsible for early DDOS attacks. Through perseverance and guts he pursues the criminals through a corrupt legal system and organized crime, eventually securing one of, if not the, first cybercrime conviction in russia for international crimes. Despite all the effort his methods fell by the wayside after the post 9/11 shift in security resources towards terrorism. Only now, over a decade later is the true threat of cybercrime becoming widely apparent as Menn alludes in his final chapters. We are left with a system whose defenders are informal groups of dedicated and skilled whitehats. We need them now more than ever.