WSJ: Report: Eastern European Hackers More Sophisticated Than Asian Counterparts

http://blogs.wsj.com/digits/2012/09/18/report-eastern-european-hackers-more-sophisticated-than-asian-counterparts/

September 18, 2012

Report: Eastern European Hackers More Sophisticated Than Asian Counterparts

By Devlin Barrett

A new report from a cyber security firm has concluded that Eastern European hackers are launching more sophisticated attacks on U.S. businesses than their Asian counterparts, in part because hackers in Russia and nearby countries work in a more nimble, mercenary fashion.

The report from Tokyo-based Trend Micro Inc. compares two of the main sources of global computer attacks -- and finds distinct differences, notably that the Eastern European hackers are more often "hired guns'' trying to steal money, while East Asian hackers tend to be part of larger organizations intent on swiping corporate or government secrets.

Tom Kellermann, a cyber security official at Trend Micro, said Eastern Europe "has become the true center of gravity for the master thieves of hacking.''

Mr. Kellermann said he believes there are three historical factors that distinguish Eastern Europe hackers from those in the rest of the world: an educational culture which has long emphasized mathematics and chess; a robust underground economy, and a well-developed "tradecraft'' of criminal activity that has adapted well to the Internet age.

"Eastern European malware is so elegantly crafted as to be the 'Faberge eggs' of the malware world,'' the report says, citing as an example a recent instance of a small program dubbed "Tiny Banker'' that has attacked banks in Turkey.

To combat these types of threats, Mr. Kellermann argued companies need to spend more time detecting threats and monitoring file integrity.

In comparison to the cyber "commandos'' of Eastern Europe, Trend Micro analysts say East Asian hackers perform more like "cyber foot soldiers'' -- less dynamic, and less concerned about hiding their origins when launching computer attacks.

The report's conclusions, which are based on a year of analysis of different malware programs, are in line with trends described by federal computer security officials -- hacker groups in the former Soviet bloc countries focusing largely on financial firms, and figuring out new ways to siphon money out of the system, while hackers based in Asia have repeatedly targeted U.S. government and defense contractors.