Eurasia: A haven for cybercriminals
Cybercrime is rife across the former Soviet Union, where the combination of a poor economic outlook, weak rule of law, and a history of advanced technical education has created ideal conditions for the proliferation of cybercrime. The specific types of cybercrime prevalent in each nation vary depending on the socio-economic, political, and ICT development of each one, but online criminality is widespread throughout the region.
Countries that have a higher ICT index, such as Russia, Ukraine, and Kazakhstan, are at the forefront of cybercrime in the former Soviet Union. With approximately 80 million Internet users, Russia is ranked as the world’s most egregious offender by HostExploit, an organization that tracks the incidence of cybercrime. The most common forms of cybercrime in Russia include bogus programming services and pirated software sales, hacking services, dedicated server sales and bulletproof-hosting services, spam and flooding services, download sales, and ransomware.
The most pressing cybercrime issue in Ukraine is piracy. Microsoft Ukraine estimates that 86% of computers, including 60% of computers belonging to public authorities, host pirated software. This is presumably one of the major reasons why Ukraine ranks ninth in the world for the number of computers involved in DDoS botnets.
Kazakhstan is the cybercrime hotspot of Central Asia, receiving a staggering 85% of attacks in the region, compared to 8% for Uzbekistan, 4% for Kyrgyzstan, and 1% for Tajikistan. This is likely due to the fact that Kazakhstan has the highest level of ICT development in Central Asia.
In several Eurasian nations, some of the most ruthless criminals in cyberspace operate virtually unchecked. In Moldova, a country notorious for human trafficking, kidnappers are using smartphones, computers, and the Internet to extort money and traffic victims across international borders. Criminals in Belarus are involved in the production and sale of child pornography.
Cybercrime in the political arena
Cybercrime is also sometimes used to further a political or national agenda, although the perpetrators are not necessarily governments. Armenia and Azerbaijan have not resolved the Nagorno-Karabakh conflict, and nationalists from both sides regularly deface websites and slander each other online. Despite the existing animosity between the two nations, ministers of both countries, as well as, seemingly the broader public, do not condone these practices. Ukraine has suffered hacking attacks on its state institutions: for example, the Security Service of Ukraine foiled an attempt to hack the State Electoral Commission website in the days leading up to the 2014 presidential election.
Georgia, too, has suffered significant malware attacks in the wake of the 2008 Russia-Georgia war, which may be reasonably suspected to have been initiated by the Russian government. The Caucasian country also has a history of politically motivated domestic cybercrime. For example, in 2012, the opposition candidate Bidzina Ivanishvili, as well as his family and colleagues, were the victims of a targeted malware attack. This did not stop Ivanishvili, who subsequently won the election and fired 12 government employees in connection with the incident.
While most countries in the region have regulations designed to combat cybercrime, enforcement is lax, largely because national governments do not consider cybercrime a danger as long as it does not pose an immediate threat to their regime or economic interests. Knowing this, cybercriminals often focus their efforts outside the domestic sphere to avoid official scrutiny. In recent years, however, some developments signal a growing recognition of cybercrime as a pressing issue. For example, in 2011, the Collective Security Treaty Organization, an intergovernmental military alliance of six post-Soviet states, identified cybercrime as a priority because it could destabilize internal political structures.
Read part VIII: The push to change global internet governance