Dimitry Belorossov, who went by the alias Rainerfox, was responsible for the distribution of a botnet that compromised more than 11 million computers, as the Atlanta Business Chronicle reported. But while Belorossov's malicious exploits took place on a massive scale, he was not able to evade justice. Instead, he's going to have to spend the next four and a half years behind bars, as a Georgia judge decided. Given that he's from Russia, the fact that he's been sentenced in Georgia has raised some eyebrows. But U.S. attorney John Horn stated that it's fitting given the nature of his criminal actions.
"Global cybercrime requires a global response, and this case is a perfect example," Horn said. "This defendant committed computer hacking offenses on victims in the United States from the relative safety of his home country of Russia, but he was arrested by our law enforcement partners in Spain."
Horn's stance – a view that's shared by many – is clear: Commit a global criminal offense, and risk facing the wheels of justice wherever you're caught. But the problem is that most hackers never are caught.
Most hackers go unpunished
While the sentencing of Belorossov is encouraging in that it highlights the increasing severity of punishment for convicted hackers, it's important to keep in mind that the vast majority of cybercrime goes unpunished. Cases like Belorossov's may generate big headlines, but what doesn't land in the papers as much is the fact that most hackers can carry out their crimes without fear of prison.
The failure to bring the majority of hackers to justice is an issue that was recognized a long time ago. Back in 2001, for instance, TechRepublic ran an article detailing how hacked companies tended not to pursue the culprits, due to the perceived challenges in locating a remote hacker and also the desire to ensure that attention surrounding a hack – which generates lots of bad press – fades away as quickly as possible.
And as InfoWorld contributor and security expert Roger Grimes pointed out, there are other factors that allow hackers to avoid facing justice. One element, for instance, is that it's extremely challenging for law enforcement to nab cybercriminals. Locating someone who robbed a store is one thing. Finding an individual – or individuals – who stole a person's identity is quite another. As Grimes asserted, the chances of a remote identity thief being captured "are almost infinitesimal." This is largely due to the global – and virtualized – nature of cybercrime, which presents law enforcement with a vast sphere of activity that's much harder to navigate – let alone regulate – than the physical world.
The need for businesses to bolster defenses
With the majority of cybercriminals roaming free – and aspiring hackers refining new malicious strains without worrying about capture – it's imperative for businesses to boost their approach to cyber defense. An optimal company cybersecurity strategy won't just include one tool. Instead, it should encompass several vital components, including:
- Prevention resources: No company wants to face the reality of dealing with a cybercriminal attack. That's why businesses implement protective tools such as antivirus software, which aims to keep malware at bay. Software solutions like these do the work that can't be efficiently carried out manually – running frequent systems checks and staying up-to-date on new virtual threats. Because corporate email represents a prime attack portal for hackers – often via phishing emails disguised as legitimate messages – it's particularly important for organizations to ensure that their email service is as well-guarded as possible.
- A clear cyber policy for employees: Your business's breach prevention tools may be up-to-date, but if your employees don't know, for instance, that they shouldn't be using easy-to-guess passwords, then the prevention tools aren't going to help much. In the cybercriminal realm, hackers carrying out enterprise-based attacks are always looking for that vulnerable employee – the one who will provide that password via email, or click on that link from an unknown sender. For this reason, it's vital for companies to equip all employees with a baseline cyber knowledge to reduce the chances of an employee inadvertently allowing a malicious presence into the business network.
- Detection tools: Sometimes, even when prevention tools and employees do their jobs as far as defense goes, a threat can still breach the company network. And with malicious strains growing more sophisticated and hard-to-detect, these kinds of intrusions can be expected more frequently moving forward. If a threat lands in your corporate network, time immediately becomes of the essence. To minimize or even eliminate damages, companies want to be able to detect the malicious presence immediately upon its arrival. But in order to be able to do this, businesses need detection tools.
Cybersecurity news and analysis brought to you by Arctic Wolf, leading providers of detection and response security services. Managed SIEM, when your firewall fails.