Pages

5 January 2019

A journey through 'Hackerville,' Romanian city with a reputation as a criminal hacker breeding ground

By Terry Moran, John Kapetaneas and Lauren Effron

Three hours north of Romania's capital city of Bucharest, into the mountains and rural towns of the eastern European country, lies the city of Ramnicu Valcea.

It looks like an idyllic mountain oasis, but around the world it has a troubling nickname: “Hackerville.”

“This is a town that had many different organized groups of hackers," Peter Traven, an FBI assistant legal attache at the U.S. embassy in Bucharest. "And then, also, potentially organized criminals that were basically profiting off of the skill set of these hackers based in Romania.”
(David Pearson/REX/Shutterstock) The city of Ramnicu Valcea in Romania, 2010.

This city became a hotbed for cybercrime in the 1990s, and despite crackdowns by law enforcement, it gained a reputation as ground zero for hackers.

One Romanian man claimed to be a hacker who grew up in Ramnicu Valcea but declined to give his name. ABC News could not independently verify his so-called hacking exploits, but he boasted that allegedly “until today, there hasn’t been a company I couldn’t hack.”

“There’s companies and they have competition," the man said. "Everyone is trying to get information on the others. So I’m a mercenary who gets paid to get that information from the competitors. The demand for information is huge. All of us wanted to prove who’s the best, and it’s just fun, even today it’s a lot of fun for me.”

The simplest way to stop hackers from attacking a company is to hire them.

Hacking can include a suite of criminal skills -- from gaining access to the information stored in a computer system to stealing passwords and breaching accounts, including email and banking information.

“We’re talking about sums that can get as high as tens of thousands of dollars or euros, it depends,” said the unnamed hacker, who claimed to have hacked government and companies for their information and alleges that he has been paid big money for his efforts.

“If you have information on your competitors, you’ll always be one step ahead,” he said. “I’ve had clients who sometimes didn’t just want information, but wanted to have their competitors’ databases damaged or destroyed or taken offline. Of course this pays more.”

Cyber criminals are compromising valuable information from governments, companies and people all over the world, stealing it through hacking, and turning around profits for it.

“We are in the middle of cyber war… because information is power, and when you hold the information, you have the power,” said Madalin Dumitru, founder and CEO of Cyber Smart Defense, a leading cybersecurity firm.

Cybercrime cost the U.S. economy more than $50 billion in 2016, according to the White House’s Council of Economic Advisors report released in February 2018.

The rise of hacking in Romania began after the Romanian revolution and fall of communism there in 1989 that led to the country enduring a prolonged period of economic turmoil, according to Traven.

“After the end of communism we have a lot of technically-trained individuals … and with the job market being what it was at the time they realized that there was more of an effort could be made in making more money by utilizing their skills and turning to hacking," Traven said. "And in particular, trying to hack for financial credentials and financial data.”

Over the years, it created an underground industry, with Romanian hackers becoming known around the world. There is now a coordinated effort between the U.S. and Romanian law enforcement to stop these cyberattacks.

“When individuals can make more money in the cyber underground compared to using those skill sets to work for private sector, the government, it makes it very hard to compete with the money that these individuals can make,” Traven said.

One of these hackers is the notorious Marcel Lazar Lehel, known as Guccifer, who was arrested in 2014 on hacking charges for targeting several prominent U.S. officials and their families, including the Bush family and former Secretary of State Colin Powell.

He pleaded guilty in May 2016 to charges of aggravated identify theft and unauthorized access of a computer and was sentenced to 52 months in prison, the BBC reported.

In the hierarchy of hacking nations, such as Russia, North Korea and China, Traven said, “Romania is prominent only because of its history, but also because it still has illegal activities” currently based there.

But, he said, the reason Romania “isn't as prolific” in hacking as some other countries “is because of the partnerships that the FBI has made with the Romanian police as well to combat this kind of activity.”

CERT is the national cybersecurity and incident response team in Romania, a sort of first responders for hacking attacks. They said in 2017, CERT processed around 140 million alerts about systems under attack in Romania.

Some attacks come from hacking experts like Alex Coltuneac, a so-called “white hat hacker,” or security consultant hired by companies to expose holes in their security systems to help make them stronger.

“I'm a good hacker. I have to mention this,” he said. “I like to help. I want to make our IT industry better... I like to help other companies.”
(ABC News) Alex Coltuneac (right) is seen here with ABC News' Terry Moran (left) during a 2018 interview for "Nightline."

One such company Coltuneac works with is Google. He said Google will pay hackers up to $40,000 to find bugs in their security systems. By doing this, Coltuneac said, “I can pay my rent, I can have a better life,” and he said he only uses his skills for good.

“I know who I am, I know what I want to do,” he said. “I can't see my life like that, hiding from police, from others.”

But there are hackers, so-called “black hat hackers,” who are criminals, like the man in Ramnicu Valcea claimed to be.

“The coolest thing is when we hack a database and people don’t even know we’re there,” the man said. “You go in, take the information, pass it on and just stay there like an invisible tick.”
(ABC News) This man claimed to be a hacker who grew up in Ramnicu Valcea, Romania.

And antivirus software “has nothing to do with” being able to stop hackers, he said. “For me, it’s five minutes [of] extra work to hack them. As far as I’m concerned, sooner or later, anything can be hacked.”

“Black hat hackers” and “white hat hackers” are on opposing sides of the so-called cyberwar, with one side fighting to break into systems and steal information and the other trying to stop them.

"The simplest way to stop hackers from attacking a company, Coltuneac said, “is to hire them.” Then, he said, the companies “will know the mindset of a hacker and will help your company.”

Cyber Smart Defense is one such company that hires some of the most notorious, but reformed, former “black hat hackers” in to their ranks.

“The bad guys, they will move from the street, where they used to be, for example, they used to [rob] banks… these things are not happening anymore because it’s much easier to hack a bank, and then convert the money into bitcoin or whatever cryptocurrency and make it disappear,” Madalin Dumitru said.
The coolest thing is when we hack a database and people don’t even know we’re there. You go in, take the information, pass it on and just stay there like an invisible tick.

Only now, Dumitru said, these hackers “do now exactly what they used to do, but now of course, it’s legal [and] authorized.”

Companies like Dumitru’s employ Romanian hackers like Razvan Cernaianu, known as Tinkode, who hacked the National Aeronautics and Space Administration (NASA), the Pentagon, the European Space Agency and the U.K’s Royal Navy, and hacker Victor Faur, known as Sirvic, who hacked NASA, the U.S. Navy, the U.S. Department of Energy and other U.S. government entities.

Faur said he knew what he was doing was a crime, but that “I just didn’t take it serious[ly]. I said, ‘Well, OK, even if they catch me and the police comes, I will probably get a slap on the wrist and move on.'”

Instead, Faur received a U.S. federal indictment on nine counts related to hacking in 2006. Faur was convicted in Romania on hacking-related charges and received a 16-month suspended sentence and a fine of $238,000 in 2008, but he told ABC News that “actually what they charged me [with] was maybe 10 percent of what I did.”

Cernaianu, who is a co-founder and the chief technology officer of Cyber Smart Defense, received a two-year suspended sentence on hacking-related charges in 2012.
(ABC News) Madalin Dumitru, the cofounder and CEO of Cyber Smart Defense, a leading cybersecurity firm, is seen here during a 2018 interview with "Nightline."

Dumitru, who grew up in Ramnicu Valcea, is hoping to use his hometown’s reputation to usher in the next generation of computer security experts.

“When it comes to [internet technology] IT, Romania and Hackerville, will become the Silicon Valley of Europe,” he said.

But while international law enforcement, the Romanian national police and the FBI have cracked down on cybercrime over the last decade, experts say the threats continue to evolve.

“I think there is no company which can't be hacked,” Coltuneau said. “Every company can have its own vulnerabilities because it's impossible to be fully secure. You can't do [it]. Every day there will be a new attack technique which will be discovered.”

No comments:

Post a Comment