Zeus: We Can Win a Battle, Not the War

The arrests last week of two international crime rings linked to Zeus malware attacks have brought several discussions to the fore, including globalization. The arrests, which have been linked, are part of an international Federal Bureau of Investigation hunt called Operation Trident Breach - an investigation that's been ongoing since May 2009.

Operation Trident Breach is the culmination of international cooperation among law enforcement agencies and authorities. It's an effort that's getting some praise, but is it enough?

That question keeps coming up, since foreign cooperation with U.S. authorities, some argue, depends on the United States' vulnerability to cyberattacks, such as Zeus.

Globalization has breathed new life into Zeus, a pesky Trojan that's been around some five to 10 years. That's definitely not a good thing. But globalization, for which we can thank the Internet, not cable, is having some positive effects - such as forcing cooperation among and between seemingly less-than-friendly international neighbors.

Robert Siciliano, an identity theft expert and McAfee consultant, says if the U.S. is vulnerable, other countries realize they are vulnerable, too. In fact, he goes as far as to say "International relations have improved," because of the global fight against Zeus - since Zeus is the common enemy. "It's like dominoes," he says. "If we fall, they all go down."

That common interest to fight cybercrime was the crux of a presentation given last month by Howard Cox, the assistant deputy chief of the Department of Justice's Computer Crime and Intellectual Property Section. Cox told attendees at the Payment Card Industry Security Standards Council's Community Meeting in Orlando, Fla., that international cooperation is what led to the take down of Albert Gonzalez and Sergei Tsurikov. Gonzalez, the mastermind behind the Heartland Payments Systems and TJX breaches that led to the compromise of 130 million debit and credit cards, and Tsurikov, the hacker who led the break-in to the Royal Bank of Scotland and stole $9.5 million over a weekend from 2,100 ATMs in 280 countries, are two of the industry's best-known fraudsters.

"This required international coordination among law enforcement," Cox said of the Tsurikov takedown. But more international work is needed, especially from countries in eastern Europe, part of the bloc that comprises former Communist states, including the former Soviet Union. "Most hackers are in eastern Europe, where it's not a crime to sell hacking codes over the Internet," Cox said. "There are no laws against cybercrime, so how do we get around that? We work with foreign law enforcement and have them capture some of these individuals when they are on vacation or traveling outside their home countries."

Ukraine and Russia will not extradite criminals to the United States, but some eastern European countries, such as Romania and Estonia, have recently joined the international fight - a sign that international relations are, perhaps, improving.

The world is definitely becoming an interesting cyber place. That cyber reality is one reason we will never win the battle against cyberattacks. The good news that comes from that dark realization, however, is that Zeus is pushing the industry to realize the world is connected. At least that's the way Dave Jevans of the Anti-Phishing Working Group sees it. "Advances in the malware are just tremendous; it's moving at a very rapid pace," Jevans says. "And it's targeting a lot of different financial institutions all around the world."

So, can we win this cyberattack fight? No, probably not. But we can use our enhanced globalization and cooperation to up security, draft and enforce international laws, and enhance international financial services, such as cross-border money transfers. We also could use it as a way to standardize our payments infrastructure, but that one might take some time.