FIN7 'technical guru' sentenced to 10 years in prison - CyberScoop
From the article:
"A U.S. federal judge on Friday sentenced Fedir Hladyr to 10 years in prison for his alleged role as an administrator of the multibillion-dollar cybercrime group known as FIN7, which has breached hundreds of U.S. firms.
"The 10-year sentence includes three years Hladyr has already spent in detention since his arrest, and $2.5 million in restitution to be distributed to victims.
"FIN7 is one of the most formidable cybercriminal groups of the last decade, allegedly siphoning off millions of credit card numbers from restaurant and hospitality chains in 47 U.S. states. And Hladyr, a Ukrainian in his mid-30s, is allegedly a big reason that FIN7 operated like a well-oiled multinational corporation."
This is a rare major victory in the war against international cybercriminal organizations, who are responsible for billions (that's "billions" with a B) and probably tens of billions (that's "billions" with a B) of illegal losses to individuals, companies, organizations, and governments around the world every year – and the amounts are growing every year.
These organizations (often multi-national) are usually assisted by foreign governments (or at least receive tacit cooperation from government officials who, at minimum, look the other way – often with the help of bribes), including Russia, China, Belarus, Moldova, Romania, Nigeria, and Indonesia.
Some of these cybercriminal organizations make James Bond's adversary SMERSH look like a two-bit operation – only they don't want to rule the world, just own it (or at least your bank accounts).
Aside from the governments that aid, abet, and give comfort to these organizations, the biggest problems with fighting them and getting victories in court like the one described in this article above include:
The cyber criminals are usually 2-3 steps ahead on the technology curve versus government agencies that have long, complicated procurement lifecycles.
Government agencies have lots of problems recruiting and retaining top talent to battle cyber criminals because they can't compete with private industry on salaries. The FBI, in particular, has been hemorrhaging its top cyber people over the past several years and you don’t easily replace such people with the necessary skills and experience – especially when you’re being constantly attacked for being part of the “deep state.”
Government agencies often can't recruit the best people to battle cyber criminals, even if they're willing to accept lower salaries, because some of the best people can't get security clearances because they acquired certain highly-desirable and special skills and experience when they were "young and foolish."
The laws against cyber crimes have not kept up with the fast pace of development of the Internet, e-commerce, and cybercrime itself.
The reasons for this last point are clear but are not going to be fixed anytime soon:
Too few politicians have made this a priority. Too few politicians have educated themselves on this subject. Too many politicians are more concerned with politicizing the problems of cyber crime rather than with fixing them. (Sound familiar?) And too many politicians are more concerned with fighting culture wars than with fighting cyber crime that robs people, companies, organizations, and governments of billions (and eventually hundreds of billions) of dollars, destroys lives, and undermines our economy.
It's great that Fedir Hladyr was convicted and sentenced to 10 years in prison. (I keep thinking of the character Hugh Jackson played in the movie "Swordfish" but he's not that person.) Will his conviction and sentencing act as a deterrent? I don’t think so – not when the rewards are so great versus the so-called obstacles I described above.
No comments:
Post a Comment