Hiding Your Dupa; Interview with a Hacker; Math and Policing

Posted on 10 August 2012 by


Ahh, summer.

As Dave and I set to hauling in data on tens of thousands of license plates for a project we’ll be writing about here and in Law Officer Magazine, and working on some really interesting predictive models we will talk about in a few months, this blog doesn’t write itself.

So we’ll cannibalize some of what we’ve done before and point at some new things people have written in order to fill the pages.

Nice, huh? Actually it’s not just cannibalization, it’s new stuff as well.

Let’s start by cannibalizing the popular post we did on cyber criminal TTP, in which we described how cyber crooks use anonymizing proxies. In a fascinating blog post, Patrick Lambert discusses insights he gained from conversations on Internet Relay Chat with a Romanian teenager who calls himself D0g.

Mr D0g, it seems, is in the business of buying stolen credit cards and using them to buy crap online. He then sells it in other online venues, launders the money and collects it in a range of ways. Mr D0g claims that these activities net him $10,000 per week – that’s half a million US dollars a year provided he takes a modest, American-style two-week vacation.

And Romania? Not too expensive to live there.

As we have pointed out, conducting business is easier than you’d like to think, and the very first step – the very first thing a cyber criminal does – is to cover their tracks.

Doing the crime, getting rich with stolen identities, is really easy. The hard part is covering your tracks, and 90% of the things these people do are for the sole purpose of covering themselves. This first step starts with a VPN.

If this sounds familiar, it’s because it is: we discussed this just a few weeks ago in Cyber-Criminal OPSEC – a Three-Part Series. Part I: IP Addresses.

Recently, when speaking of a cyber case, I said that if your criminals have got an IQ of 101 or greater, and if they’re not pathologically lazy, they’re going to anonymize their traffic … You’re not going to get – or, more precisely, they’re not going to give you – an IP address leading to their house.

Lambert goes into some specific detail about methodologies employed by Mr D0g (including his use of HideMyAss, which we mentioned along with other tools).

Then Lambert gets down to brass tacks about how Mr D0g monetizes his hauls:

…[A]ll he has to do is post ads on eBay for popular items that he doesn’t actually have. Then, when someone buys it, he turns around and buys that same item from some online store with the bought CC numbers, and puts the eBay buyer’s address as the shipping location. He makes those stores send the products directly to his buyers, and gets clean cash for them, which he can spend any way he wants.

Cool-o, eh, daddy-o? This digital laundering of real-world money is popular and simple. Fun!

Predicting Mobs and Crime

Earlier, we wrote about how criminal gangs may have been behind the London riots of last summer. In a TED Talk, mathematician Hannah Fry discusses how mathematical models can help predict behavior like riots. Dr Fry is currently at work on “an interdisciplinary project in complexity sciences at University College London,” by which I take it she’s into some highly clever number crunching around some diabolically complex issues related to how groups of people behave.

The reason we’re listing it here is that Dr Fry gives her TED talk on “Can an algorithm forecast the site of the next riot?” In her nine-minute talk, Dr Fry mentions that there appears to be a solid relationship between the burglaries which can be mapped in a burglary hotspot map and the development of spots on leopards. As she says, the burglary patterns are dependent on the relationship between the attractiveness of the targets and the application of security measures by local residents, a dynamic that resembles the process of morphogenesis, which is how the leopard got its spots.

We’ll have to trust her on that one – this is well above my pay-grade, not to mention my head.

But Dr Fry mentions a project between university researchers and the West Midlands Police in which these relationships will be explored with the goal of predicting crime hotspots.