Russian company is hub for all manner of cybercrime

Where is the world's hub for phishing, spam, child porn and identity theft? That would be the Russian Business Network in St. Petersburg, say computer security experts. The Washington Post reports that groups operating through the company's computers are thought to be responsible for about half of last year's incidents of phishing. For instance the Rock Group used the company's network to steal about $150 million from bank accounts last year, according VeriSign. And Symantec says RBN hosts Web sites that carry out a majority of the world's cybercrime and profiteering.

The company "is literally a shelter for all illegal activities, be it child pornography, online scams, piracy or other illicit operations," Symantec analysts wrote in a report. "It is alleged that this organized cyber crime syndicate has strong links with the Russian criminal underground as well as the government, probably accomplished by bribing officials."

Why Russia? It's a place where the rule of law is shall we say poorly established.

"It is clear that organized cybercrime has taken root in countries that don't have response mechanisms, laws, infrastructure and investigative support set up to respond to the threat quickly," said Ronald K. Noble, secretary general of Interpol, an organization that facilitates transnational law enforcement cooperation. He declined to discuss the Russian Business Network specifically.

It's not easy to buy RBN's bullet-proof services. Potential customers must prove that they are not police investigators by demonstrating active involvement in the theft of consumers' financial and personal data. Alexander Gostev, an analyst with Kaspersky Lab, a Russian antivirus and computer security firm, said RBN is also bullet-proof from law enforcement.

"They make money on the services they provide," he said -- the illegal activities are all carried out by groups that buy hosting services. "That's the main problem, because RBN, in fact, does not violate the law. From a legal point of view, they are clean."

As companies like RBN prosper, unfettered by law enforcement, the problem only keeps growing.

"There is never going to be an easy and painless way to combat this problem, mainly because it's been ignored for far too long and been allowed to fester," said a security administrator who did not want to be identified.