And then the other thing is trying to encourage you to do this type of research as you investigate what's going on on your own networks. So a brief outline: a threat, and we'll look at sort of turning the threat on its head and using it as a resource once you've identified a threat. Then talk about building a method to do this vis-a-vis China, maybe the Middle East, so you can take it in different directions, and then we'll talk about the law and where international law stands on the subject.

So with Russia, very strong in math and science, they have a history in the Cold War of looking at America through a certain lens and taking our products apart no matter what they may be. If you talk to Russians they have a healthy culture of reverse engineering in general. They've assured me that when you're growing up in a Russian household and your lamp breaks or your toilet doesn't flush, you don't just pick up the phone and call somebody, you try to figure out how to fix it yourself first. And so this lends to a hacker culture that is strong. The other thing is the economy may not be quite where it needs to be. This is also true in a country like Egypt that has a great university system, good education, but just not nearly enough jobs to fill the graduates that come out. And so they may move into other areas of the economy. So if you just look, this is a brief slide. We think Windows is expensive and we think Microsoft Office is expensive, but if it cost you a month's salary you can kind of imagine your willingness to pay for it at that point, probably not too likely.

Cybercrime. There's a long history of cybercrime from Russia. Vladimir Levin in the mid-1990s manipulated Citibank's cash management system over 40 times, taking $10 million out of it. So it's one of the few cases, though, of a successful bilateral joint law enforcement operation.
And what happened was they got most of that money back, but they never did figure out how he did it, how he got in to begin with. The Microsoft source code hack, again, went back to St. Petersburg.

This guy named Joe Lopez in Florida recently. Very interesting case. What happened with him? Coreflood virus. So he's got a Trojan on his system. Somebody logs in from a couple of former Soviet Union states and they take about $90,000 out of his account, ship it back to Latvia. Now the problem with Joe Lopez was that they had his legitimate login and password and he didn't have that much of a case. Bank of America told him, they said, look, it's not our fault. It's your computer that was hacked. Somebody logged in with your password and moved the money. So he turned around and said, look, I don't know anybody in the former Soviet Union and you should know that the malicious code is out there and you should know that large transfers to suspect countries, you know, you should alert the client. In any case, it's a sticky situation because it's his box that was hacked and not the bank's.

This guy you may or may not remember, he spoke four years ago in Apollo over here and I saw his presentation just before he was arrested by the FBI, and essentially he was for $99 offering you a program that would remove all copyright, all copy, paste, edit, read restrictions on e-book, Adobe products. And so he was working for Chicago firm at the time and this got really messy because the EFF got involved and nobody wanted the bad PR, least of all Adobe or the United States government, whose law enforcement agencies also employed ElcomSoft, which was the company that hired Dmitry and made the product. So with a lot of these cases, again, there's just a few fish in the sea that get arrested but usually not too much happens with them.

What I want to suggest here is if you have a true zero-day exploit, you can turn that into cash and this is what the Russians are doing now.
They've got a great sort of a bag of tricks and what they're doing through internet worms like Bagle and Mydoom, they're compromising your systems and what they're doing is just lifting off the financial information, so related to PayPal, related to eBay. It's usually not for distributed denial of service, it's usually not for spam, although it can be, but what they want is your personal financial information and they take advantage of an exploit to increase revenue. So millions of credit cards last year in England. Where there is money, you will see a lot of interesting activity.

So with international gambling, if they're offline for a couple hours, that's a whole lot of money that they're going to be losing. So with the distributed denial of service attacks versus the international gambling, they typically would hit them with maybe a SYN flood followed by a letter which said, look, we can take you offline if you don't pay us say $50,000 a week, which is not much for international gambling. By the way, the SANS Institute estimates that about 7,000 companies at any given time are paying extortion money to some online attacker, but in this case, again, there were some arrests made and one success story from last year.

Here is a case which is really very important for a couple reasons. One, it was so severe that Microsoft changed its normal patch schedule, which was pretty rigid, and they were willing to come out with patches around their normal schedule. Two, US-CERT advised at least the folks who work in the Washington, D.C. Beltway area in the United States government to not use IE, to use something else or at the very least disable JavaScript.
But what happens here, again, with the internet worms out there likely, compromising Microsoft IIS, then taking advantage of holes in IE to redirect you invisibly to this IP address in China that would download a key logger onto your system and basically pull off financial information, credit card and PayPal and eBay and the like.

Russian malware really falls under every kind of category from backdoor to downloader to spam tool. So they fall into every category.

Social engineering aspect and any good attack, and with Russians, they've got a very powerful one, and a lot of people are looking for girlfriends, are looking for love, right? And so Russia is taking advantage of this. I'll just tell you a couple of stories. There's a Canadian guy who had his Russian girlfriend and was sending her a lot of money, and it was the way it transpired, made it very easy for this man, okay? He had a virtual girlfriend, Alvia Medveev, I think. So he could go into a virtual store and buy her virtual gifts and get e-mail back from her thanking for all this great attention. The problem was there was no store, there were no gifts and there was no girlfriend. It was just a couple in Russia that had this scam going. They made about $300,000 on it and of course they would write e-mails all day long saying I love you, thank you very much. So there was another case in which an Australian man wrote to Vladimir Putin directly and he said look, I've been looking for my girlfriend, I even went to Russia, couldn't find her, can you help me? There was an arrest made in that case as well. But it's a big problem because it's playing on some of the basic human needs, right? But the U.S. Embassy in Moscow gets about 10 calls a day complaining of somebody not being able to find their online girlfriend.

So criminal communication, okay, it can start in public web forums. There is, I'll show you here, and then we'll jump back.
But so there's public spaces in which if you own proxies or you money launder, that kind of thing, you can put teasers out there in public web forums, okay, so then you can contact somebody and then they become closed and you need registration and you need recommendations and that kind of thing. And the real communication then is usually, it's, you know, so what I'm looking for, not proprietary but homegrown code or something that makes it very hard to trace at that point. Here's one example, and here's some sites you could check out, but again, we want to announce your service and eventually make your nickname known through the delivery of goods and services through these sites. And you might get paid through WebMoney. This is, we're very familiar with PayPal in this country, but in this case, this is WebMoney as a service that was started in Russia. And I talked to a couple of Russian guys about this, and they talked about how as soon as you get on, you want to get on a good site, right, where, you know, that's legit essentially. But the administrators of that site, they'll check out your goods and services fairly quickly and decide whether they want to keep you on or banish you forever.

Here's Scene. DrinkOrDie is a really big group. They started in Russia, 93, moved all over the world. There was one of the biggest international operations in law enforcement, it revolved around DrinkOrDie, it was called Operation Buccaneer. There was a guy, Bandido was in Australia, the saint was in Arizona, not too far from here. And this guy's server had tens of thousands, it was so large, it was named to the God Complex.
And these guys were arrested, but again, a very sophisticated group, they specialize in application software, tens of thousands of cracks, and very good at what they do, and typically the members only know each other's nicknames, and it's very strictly compartmentalized to the organization and very difficult to, it's kind of like an al-Qaeda cell, right, you take out one and you don't really know, they're not necessarily going to know the other two guys on either side of them in the cell.

A little bit different topic, hacktivism. When the United States joined the conflict in the Balkans and started bombing Serbia, again, national emotions run very high, and you'll find that a lot of activity that takes place in cyberspace, particularly involved defacement and denial of service attacks, mirrors what's going on in the real world. You see this with the EP-3 that was downed, our EP-3 in China, there's a whole lot of hacker activity and sort of the aborted US-Chinese hacker war that took place during that time frame or almost took place. In the Middle East, you'll see when there's a suicide bombing, or when there is an assassination of the Palestinian leader by the Israelis, you'll see a whole lot of the web defacements and denial of service activity going on. In this case, Russians very upset about our stance, because they're very close to the Serbians, so they did, there was a lot of activity sort of against the UK and US sites. We claim there was no impact, and the UK admitted to having lost some military databases.

Espionage is a bit more serious. Here's the current alphabet soup for the Russians. The KGB, the old institution, SVR would equate to CIA, FSB, FBI, and FAPSI, NSA.
Just point to the case of Robert Hanssen, really, because this is already not new news, but this is the kind of spy that, if you are responsible for protecting a network or protecting any type of national secret, you want to consider that spies are going to be moving in a vastly different direction than you might be familiar with in the movies. I know James Bond uses or turned one page over at a time and photocopy it. Well now, of course, you can stick a USB drive in and take literally every document your entire agency is working on out of the office with you. So it's a big problem. Robert Hanssen, 20 years ago, was already sending encrypted bulletin board messages. He hacked into the account of his superior. He was working all the databases at FBI, and there were no real limitations on what he could do, searching for his own name, searching on dead drop, searching on Russians, and see if there was any connection that somebody may have suspected him. So about 15 years, he literally gave away just about every important secret to the Russians that you might think of. He was ideally placed. He was the chief of Russian counterintelligence at FBI, which gave him access to just about everything, but very computer savvy, so kind of the spy potentially of the future.

Information warfare, you might be familiar with the Revolution in Military Affairs. Essentially that is electronic command and control. So it looks a lot more like the video game you're playing, right? Investments in the future are going to be a lot more pilotless planes. I mean, 90% of the avionics, electronics, and protection mechanisms and all that into a fighter jet are for the pilot. This is crazy now, and then people are realizing that it's sort of an outdated and a romantic notion of the Air Force, and in the future it's going to be pilotless, I promise you. Revolution in Military Affairs, essentially what that means is everything is going to be cyber and network and database-centric.
The great goal of the thinkers is you want a digital Pearl Harbor. If you're going to go to war with another nation state, you would like to be able to win it without taking any casualties, you'd like to be able to turn off the lights, and when somebody pulls a trigger, nothing happens. That's the goal here.

I mentioned Electronic Russia, that is just a project that the FSB is getting underway in order to get the word out to citizens and to the agencies and corporations to start thinking in terms of better computer network defense. Just for the record, they're getting very little money and attention on this, and it's really worrisome to the Russian employees who actually are involved in this project.

Cyber war in practice, this is interesting because it's actually something tangible that we can point to, the war in Chechnya, southern Russia, really ugly. As it started, the Russians disallowed any media involvement, and it turned out to be really bad PR for them because essentially the Chechens came in and they showed all the media types exactly the story they wanted them to see. So the word getting out to the international media was not at all what the Russians wanted, they only showed them Chechen dead bodies. So the Russians learned after that, but it did take a turn in a different direction. As the war moved into the 90s, Russia went on the offensive in cyberspace, and I'll just point to one particular incident to highlight the change. If you might remember there was in Moscow the hostages that took over the theater. That lasted for a number of days, and at the end Russian commandos stormed the theater. Right when that happened, several Chechen websites went off the air. So you can only assume from that that it was a coordinated campaign by the Russians on multiple fronts. For the record, one of the servers was located in the United States. So you can assume that the Russians took down a U.S.-based website for what that's worth.
Threat summary, post-Soviet Union, as freedoms sort of grow, at the end of the post, they're moving toward a market economy and democratization and all that, we've seen a lot from the tennis players and all of this coming out of the Soviet Union. We also see a lot of good malicious code and a lot to be worried about potentially on your networks, particularly as it involves financial crimes. One of the things about the organized cybercrime is that it does inhibit that part of the market economy that will allow products to be legitimate, to be sold legitimately on the street, when you can buy Office on the street for a couple of dollars that's been cracked and sold. From one viewpoint, that's a good thing. From another, it sort of inhibits the market economy growth. The other thing is a lot of this money is recycled into more nefarious crimes, so you have to be aware of that as well.

So we've established that Russia is a threat. Now you sort of want to turn it on its head and say, okay, now they've got great math and science, great coders, et cetera, et cetera. You want to turn that into a resource. So hacker sites, there's no end of them. You can find them very quickly, but I think for a lot of people, the language barrier would be the first thing that would inhibit you from trying to exploit this as a resource. Here's some sites where you can start looking at them. Here's one, maybe the Civil Hacker School is sort of the analogous to the Academy in France that is very well known and in the news. This site, you'll find everything in English as well as in Russian, so I don't need to help you with that really. But what we will look at is a Russian language site. So here, I took one with a lot of things that we can sort of dissect and pick apart, but again, it's all in Russian. So if you don't speak Russian, you're like, how am I going to do this? Well, I'll show you how in a second. But first of all, I'll just sort of look at the material on the site.
And you'll find that it looks a whole lot like a site in your own language once you just translate the words. So, Hacker, essentially, you'll find that the Russians have no problems sort of incorporating foreign words into their language. French hate that, right? They've outlawed the use of the word email in France, but no problem with that in Russian. So hacker is a hacker. Vzlom is an attack. Zashchita, defense. Programmirovanie. Iskhodniki, Khalyava, Soft, and Progi. So I won't take you any further in Russian, but so you can hear a little bit of it. And this is the motto of the site. And here's sort of how it breaks down. You've got training, a lot of downloads, and some hacker tools. And so here's a place you could go, for instance, to find. And once you grab a software translation tool off the internet, you'll find that there might be a lot of stuff here that you could exploit in really just a few minutes that you may never have imagined you could have otherwise.

So just the top, here you see archive of articles, right? You can see commentary, how many times it's been read, when it was posted, et cetera. The top one, for instance, I'll just translate the top one. It says, essentially, it means how to seize a lame IRC channel. So it's been read 10 times. You just click on it to download or email. Here's the downloads. And again, it goes into different categories, but in terms of exploits and articles and various tools like scanners. Here's the top 10 downloads. I kind of matched them against the insecure.org ones. And it wasn't a very good match. So potentially, I don't know that a lot of the names haven't been necessarily changed. But what I'm suggesting here is you may find things here that you don't, that you may not find in the normal repositories in which you look. And if you're a coder, of course, you might be able to also pick apart things. You might not be able to read the comments, but I'll show you how to do that.
Here's the discussion forums on the site. And again, it's not that difficult. And I've done it. You're all used to having a couple of windows open on your desktop just to translate something in one of the online services and drop that in a chat window. It just takes a second really to go back and forth between the two. So here's hacker tools, right? The three main ones on the site, so the scanner, email and DNS. So I just asked it. I said, hey, why don't you scan the Kremlin for me and tell me what ports are open? So it's the kind of thing where you could, again, you're using somebody's tool in their environment or in their milieu, which might be a good idea and offer you some benefits. So it even has a word of the day. In this case, Big Brother is always watching, don't forget. Here's two guys who maintain the site. You can email them with any questions. I guess they sure speak enough English to get by.

Okay, now you're like, what am I gonna do with all this? Anyway, so very easy. Software translation is not too bad, especially if you know enough words in a particular discipline to get by. In your case, network security and hacking terminology, you're familiar with so many words that you could essentially look at a machine translation and get by a lot quicker than you think. So natural language processing is, again, it's bringing in human languages into software, and machine translation, especially taking one language and translating it into another, it's much more sophisticated than word for word. Now they incorporate a lot of grammatical rules, they've got idioms in there, and now they've got this really great feature, part of the development process, what they'll do because they know that professional translators have already done so much of the work for them. What they'll do is they'll just feed it novels. I talked to one guy who works for a company, and they fed it like every Tom Clancy novel.
They fed their big machine every Tom Clancy, and what it does is when then you ask it to translate something from English to Russian to English, it already, you know, you have fat Tom Clancy novels are, what's got about 30 of them in there, it's got many more than that. It's actually got millions of, or thousands of books, millions of phrases. It's already, what it's doing is it's taking a professionally translated translation and giving you essentially what a person did who was trained in the discipline.

So you'll find professional translations on the web, and these are a help if you really want to study the language, and these can be pretty good. Just for the same reason, you'll find War and Peace in every bookstore. You'll also find good articles about hacking. You'll find them as well in other languages, you know, whether you study Chinese or Arabic. These can be kind of cool to look at. There's a lot of free services, and these aren't too bad if you don't know about AltaVista. Just go to AltaVista and click on translation, and they've got a nice long list now, bi-directional, of a lot of languages that you can go back and forth in for free. There's commercial translation that can get quite expensive.

So we'll just look at translation briefly, translation software. So here's Smashing the Stack, which is admittedly a very difficult text. And what I'm going to do is actually give it a very difficult assignment, is I'm asking this AltaVista, right, Babel Fish, to go to Russian and then jump back to English. Never try this with Shakespeare. It comes out really, really bad. But with this, you'll find, especially if it's in a discipline, especially if it's something like the weather, especially if it's something that relatively has a limited vocabulary, it's quite good. So it takes Smashing the Stack into Russian and then back to English. So you'll find, it's to break the stack, you know, so that's not really great.
And you'll also find that C programming, there's no real C in Russian. So C became cheer, right? When it comes back, since there's no matchup, cheer, for whatever reason it said, it must be an H. So then you wind up with H programming. That's not great either. But overall, I'm telling you, this just took a second to do, and you can actually walk your way through it without too much of a problem.

Russified software, you'll find already, Windows actually is very friendly to Cyrillic now, and it's actually quite good. You just do a left shift and alt, and it'll take you back and forth between the two, just about in any Windows tool that's out there. I'm not so sure, I was told that Mac is, that's not the case for Mac, and I'd be surprised if Linux, but you know, Windows has it covered.

Okay, now let's try to turn this into a bit of a method so that you can take it in different directions, because you might not be so interested in Russian, but you might be interested in some different topics in which I hope that this may help you. So I had to think of some way to bring this together, so I noticed that T's were one way that I could possibly do that. So just suggesting that you might want to know something about the country before you invade it, or before you take on its networks. The more you know about history, culture, et cetera, language too, it's going to help you enormously to understand where they're coming from and where you should be going as well. The terrain, how am I going to talk about the telecoms in the internet infrastructure in the country? The techniques, you know, hacker groups and tools, that kind of thing. There's a lot of good resources for that, and the translation, essentially, I think that's really the key to sort of breaking the barrier here.

Okay, Russia, I'll give you just 30 seconds. 12th century, they kicked out the Mongols. 17th century, they took Siberia. The Communist Revolution in 1917, you know, lasted 70 years.
Now they've got kind of three things going on. They're trying to develop democracy. They're trying to develop the economy. And they're dealing with the war in Chechnya, which is a big deal. So they've got, they don't have 50 states. They've got 49 oblasts. They've got 21 republics, 10 okrugs, six krais, two federal cities, and one Jewish autonomous republic. So it looks a lot different than the country you might be from. But again, the more you know, and just so you could just read, you know, a couple articles just to kind of get you in the mood to take on the Russians.

Okay, the little thing, that's what you may be used to looking at when you open your atlas in terms of geography of another country. But let's look at the big one, which I think is really, it's actually really quite interesting. Here is the three main fiber optic lines in Russia. They're ATM based, so they're heterogeneous. They've got video, voice, and data. And they run from St. Petersburg in the north, runs up into Scandinavia, down to the, you see the cross there, that's Moscow, goes down and toward the Middle East, and then out to the Far East. And these are the three main lines the data is going to travel across as it goes through Russia. It goes down to Navarra, and over here it goes to Khabarovsk, and then to Harbin in China. And again, here you'll see that in the middle there's almost no color there, and that says it's almost completely undeveloped. And what you'll find is you go further into Siberia, there's many more reindeer than there are human beings. And so what you're going to find up there is satellite communications and very few landlines. And part of the problem with Russia now is everybody is moving to Moscow and St. Petersburg with the market economy. Nobody's staying on the collective farms anymore. And they've got freedom, they've got freedom of movement, and they can move to the big city, and that's what everybody's doing.
And so a lot of these outlying areas are in real trouble.

Okay, Russian telecommunications. RU is a Russian digraph, SU, which several parties are fighting over still for some reason, but that belongs to the former Soviet Union. And then you can actually count the number of internet hosts and users and telephones, talked about the trunk lines. But again, a little research will yield quite a lot in terms of the basics of the numbers of people, the numbers in order to get on the right connections and to get into a country.

Runet is an interesting concept. It's kind of like China Net or A.O. Hell, right? It is an intranet that you, like you might belong in your organization or your university, but it's essentially a sort of a cocoon of sorts that's kind of generated by Russians and for Russians and is largely in Russia and is interviewed as network security guys, not only for the smart people but also largely for the stupid users. So but it's essentially Russian cyberspace.

Internet usage by country here just quickly. Russia has a relatively small percentage of its population that may be online compared to, say, Scandinavia, but they got a lot more people. So what that means is actually you're going to, you could potentially deal with three or four times the number of Russians as you could Scandinavians online just by the sheer numbers. And so that's something you might forget. Again, more color to less color means more connections to less connections.

Here's an interesting slide. You consider that some countries, you probably heard the phrase all roads lead to Rome. Well, when I was in England, too, they assured me that even the smallest village has a street that is pointed directly toward London. So what I want you to see here is essentially the spoke pattern for probably most networks that you would encounter in Russia. If you want to get from point A to point B, you got to go through Moscow, essentially.
This is really good to know when you are crossing networks so that you know if I want to go somewhere, potentially somebody could collect or see me along the way. Here's the most sophisticated map I could find. There you see the satellites, you know, out that are connecting the more remote parts of the country. I think I've covered most of the points I wanted to cover here already. So I'll move on.

Now, you can rely on finding things like this on the internet, work that people have already done for you, or you could do it yourself. You know, in one way you could do that, that's relatively painless, is with traceroutes, and they tell you so much about networks and so much about, you know, connectivity issues that are very worthwhile. So just, you know, here is the way you could do it with a program like VisualRoute, but here's a way with traceroutes that you could do it on your own and then build a little map like this. And you can see, you know, dissecting the words in the resolution and just connecting the dots, essentially, and you can see where the important parts are. You can see, for instance, so many things through traceroutes, like if you want to go from here to the Congo, you may have to go through Egypt or through South Africa, and really there's no other way to do it, and this is the kind of thing that will show you that. However, with Russia, you can actually build a nice little network map relatively quickly.

Here's some major IP ranges to get you started if you don't already have them, but again, these are the big players in Russia and they're in charge of the networks and you'll find, you know, the Russian government and military and everybody will fall in there. And again, a lot of people are going to do work for you.
Like if you're interested in tracing spam or you're interested in finding the bad guys in certain contexts, here's some, especially with spam, people have done a lot of the work for you and they will have lists already put together for China or Russia, for IP ranges.

Okay, I had a great class a few years ago on hacking and what they said was the first place to start may not be entirely obvious to you, but you start with the homepage, right? So in this case, here's the Russian government portal and you'd be surprised how much information is here if you dig down into it. But again, part of the problem for a Western user is the language barrier. Here is about the only page that you'll find with a direct word-for-word translation and it is the president's page, not surprisingly.

Here's a great site, Russian cyber crime office. Again, it's only in Russian, but for some reason to the title. So it's a big, there's a whole lot of pages extending out underneath it. But again, cybernetic police, everything below that is in Russian, but there's some great stuff here. Started with the spider group. This is back in the mid-90s when Russia wanted to tackle internet crime and it was still a secret back then, they called it the spider group. Well, you can see some leftover vestiges of that here. Here's some things that fall underneath. And one of the things I want to highlight here is just that if you are in law enforcement or you wanted to do any type of international investigation, whether it be official or unofficial, you can see here the actual what Russians consider illegal and the definitions by which they might prosecute someone. So here, you've got Carder, Phreaker and Hacker to start with.

They have a site that has cybercrime statistics all the way back to 1982. And I really thought this was quite interesting. There's a lot to go through here. So I went back to 1982 and it was reading and there was only one case from that year and they only called her Miss K.
Well, Miss Kay was a programmer and she was in an office that was involved in doling out the funds all over the Soviet Union. And what she did was she just went in there and changed it according to this one number and she would change it sometimes and then she would change it back and she would sort of flop. But essentially what it was doing, it was the old salami technique and it was slicing every time she did that, slicing money off of an account and going in a direction where potentially she would gather it up later. Here's all the offices that had an official website on the cybercrime site. So there's 89 total. This was the number that actually had websites so they were really quite cool to look through. They all had their logos and a lot of them are called K because Kiber would be cyber. So this is Cyber Police, Kiber Polizia. This is an interesting story. I made this slide before I got an email from this guy. He is the top cyber cop in Russia. And so I read through his bio and as you might expect in Russia he's very well accomplished in terms of academics and they're really quite good at that in the Soviet Union. And so he appears very bright and really knows what he's doing. Well, I emailed that cyber crime site and said, I'm going to write a presentation and I want to know if you wanted to give me any word of advice and help me out in any way. Well, he emails me back, the same guy. And we had a nice little dialogue and he answered all my questions. He was really quite friendly and he seemed like a good guy. So in here I'll just highlight some of the things. He says one of the main things from his perspective is he just wants to make sure we're all on the same page, not surprisingly. And that for international investigation, you're talking about log file formats, you're talking about contact information and all this. He says that most of his 89 offices actually do get complaints from overseas every day, the majority of them. 
But he says at the bottom, he says, well, we're doing our best. We're actually meeting more and more often with foreign counterparts, especially the FBI. Now here's some questions that I just put together. And again, I put a lot more together than this, but this is just kind of a start. I was thinking if we could develop 100, 200, the most important terminology, the most important questions to be asked for international investigations, even if you're just a system administrator or you're the kind of guy who does, who reads through your log files just for fun from your firewall at home, the kind of things that would be able to take you across borders. I don't see any reason why we couldn't develop several hundred of these and get them professionally translated and be able to move more quickly across borders. So here's just some things that I had put together in that regard. Here's one word to get you started in case you're, I don't know, I've only studied a couple of languages here. But again, you will find a lot of hacker stuff just about in any language on the web. And the thing is, whether or not you've done this before, it works and you slap yourself, you've never done it. But if you know, for instance, the word for hacker in Russian or Chinese, just take that and drop it in Google and see what comes up. And it works. I mean, Google knows exactly what you're talking about. Right? So you can take those and you can drop them in foreign newspapers. You can drop them in sites like the spam sites that I showed you in English. They've got the same thing in foreign countries. And I'll just end this section with Kaspersky, according to Russian hackers, the most hated man in the country. But this is a real interesting guy and he just made his entry into the US market. I'm not sure if you've heard of Kaspersky Labs or not, but they just incorporated in the United States. And they have, in February, they have big plans to move outside Russia. 
One of the interesting things about Kaspersky is that the Kaspersky Labs are, according to technical people who look at their products, really very, very good. Their products worked very well. They seem to know exactly what they're doing in terms of writing antivirus signatures that work and that are beneficial. So one of the interesting questions then, especially guys from America's perspective, especially with sort of the legacy of the Cold War and all that, is whether we'll have any inhibition about buying Russian products and putting them in our networks, especially if they're governmental in nature. Okay, I'll finish just talking about the international political scene. And there's some real interesting juicy things going on to think about. There's no end to the number of sites that you could start with. Here are just the UK sites that I found, where if you had anything that fell under these categories, it'd give you a place to start in the United Kingdom. But in general, international law is real ill-suited to deal with the internet. And it's just started to catch up. I mean, the internet is borderless. And you can't even hope to sort of interview all the people who cross your borders every day, much less look at all the data packets. Again, we all know what the I Love You virus and all that. In certain countries, they haven't even thought of instituting cyber crimes and say, how are you going to prosecute somebody? Nobody likes to extradite criminals. Nobody likes to give up any part of their national sovereignty. These are all real important issues, and they're all for good reasons. If you gave up part of your national sovereignty to a foreign country, you're worried about all kinds of things, from the abuse of data to espionage to collecting on your citizens without their consent in a different culture, looking at your political culture, and all of that. 
So what you have is like Microsoft and Valve looking at other solutions in order to track down criminals. Evidently, somebody has taken a Microsoft bounty. You know, they're not going to publish it, but that's what it appears has taken place. And in the case of Valve, they actually tapped their fan base and they said, can you help us here? Somebody stole parts of Half-Life 2 and it worked. So extra-territoriality is a big issue. And here, I'm primarily going to talk about remote search and seizure. So we'll talk about the FBI sting. And so the FBI in the year 2000, they saw this activity coming from Russia. They weren't getting the help that they wanted from the Russians. And so they said, well, we're going to do our own research, and we're going to do this. And so what they did was they had a couple of suspects. They went to Russian sites, they pulled down their resumes, and they invited them to Seattle to a fake company for an interview, and they came. And it's kind of a sad story in part because they were actually quite excited about getting out of the biz and going legit. And they went to Seattle and, of course, the FBI guys, they said, why don't you download some stuff to prove your skills to us? And of course, as soon as they did, they had their logon username and password, and they had all this evidence with which to prosecute them. So remote search and seizure, it's a great topic to debate because whether or not, in this case, the Russians went over there without the consent of the Russians. So what the Russians did was they sued us back, and they said, you illegally came on our networks, and it was a mess. The thing is, if you're not getting cooperation from a foreign government, what do you do? You're kind of between a rock and a hard place. 
Is it closer to, do you think, actually sending your law enforcement over there and invading the country, or is it closer to, say, doing open source collection from newspapers or taking satellite pictures, all of which are commonly available and are not really considered espionage? Okay, one of the main things we've got going right now is the European Cybercrime Convention. But a lot of the things I just mentioned are the big issues. Essentially, people are worried about these national sovereignty issues, and so all we've really got on the table is closer point of contact issues. And so that's really all the national governments, I promise you, are going to allow. There is no way that a national government is going to allow another one to come in and ransack its networks looking for evidence. So just, it's about getting on the same page, it's about having the same log file formats and good points of contact. That's really all that's on the table. And I'll just leave you with just a short story. Recently in the UK, they wanted to find some malicious guys in China, and so they were calling over there, these UK guys trying to find somebody to talk to about it, and they had extreme difficulty. They finally found the PRC CERT, and they said, whether or not this is the case, this is at least exactly how it seemed to them in the UK. They could only find one person to talk to, and that guy only spoke Chinese. So to make a long story short, they eventually found somebody who spoke Chinese in the UK, and they told this guy that this particular website was causing them problems, and they said it came down in a heartbeat. But that sort of a story highlights the difficulties which you'll find in crossing international borders in any of this business. So thank you very much for the talk. I really appreciate it. If you have any questions, feel free just to raise your hand. The mob. Okay. Yeah, I tried to find... I'm sorry? 
Yeah, I tried to talk about organized crime in the sense of either the Russian Bride scams or the credit card information, the PayPal, the eBay scams. There's so many things to look at. The online extortion against the gambling rings in the UK. I tried to bring up a wide variety of things, but really there's almost no end to it. You have to use your imagination, just like malicious code, right? I mean, you can do almost anything you can dream up, essentially. But yeah, it's a big problem in Russia, organized crime, and they know what they're doing. And I just read an article from last week, and one Russian law enforcement official just said that it is so hard for them to trace cyber crime back in Russia because they're just using great techniques. He said they have a three rule in which they use at least three hops to anonymize their contact on the internet. So he said they never go below three. And he said two, maybe is doable, but three, he said makes it virtually impossible to ID somebody on the internet. So part of the problem with Russia is very good. One of the things I didn't say is that Kaspersky in an interview recently, he said five or 10 years ago, and this is maybe of interest to the crowd here, hackers in Russia were largely the healthy kind. He said, but it is just moving so rapidly. He said it's gone from below 50% now to over 90% of malicious code is written by and for criminals. So he just said that's one thing that has taken place in the past five or 10 years for malicious code in Russia is that the criminalization of the internet regards malicious code. I don't know to be honest with you, but I do know what she asked about money laundering. They're using euros. Yeah, it's a big problem. One of the things with the internet is they get the right logon information for say a PayPal account, and it's real tough to, they have a legitimate transaction. In other words, they've got two legitimate accounts. 
They transfer money from a legitimate account to a legitimate account. By the time law enforcement gets around to doing something about it, they're gone. They're gone and that money has been transferred to places which are safe for the criminals. So it's a big problem. Okay, one more question. Yeah, let's, he said are there any good software, he uses translate.ru, a fair bit, and I do as well. Standalone, commercial translation software. You can look through the links. There are a number, I noticed there are a number that are under $100. Language Weaver is pretty expensive, but it uses specifically that technique I talk about, and it feeds at literally hundreds of newspaper articles and novels to do, essentially it is giving you a professionally translated version. It can be choppy at times, it's very expensive, but Language Weaver is one that is highly regarded. It's won a lot of prizes. Well, I mean they claim that I think with Arabic, Chinese, and French, they're already really good, and I think they've included a whole lot of stuff. Russian is coming out this year, it's not out yet. So thanks a lot, I really appreciate it, but that's it.
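
The traceroute mapping described earlier in the talk ("dissecting the words in the resolution and just connecting the dots"), as an added example that is not part of the talk: it parses saved traceroute output, reads location hints out of router hostnames, and lists the hops every path shares, which are the points where your traffic could be seen along the way. The traces, hostnames, addresses and the `CODES` table are constructed for illustration.

```python
import re
from collections import Counter
# Constructed traceroute output: documentation IP ranges, made-up hostnames.
TRACES = {
    "site-a": """ 1  gw.lan.example (192.0.2.1)  1.0 ms
 2  core1.nyc.isp.example (198.51.100.1)  8.2 ms
 3  xe-0-1.lon2.transit.example (198.51.100.9)  78.0 ms
 4  * * *
 5  br1.cai.carrier.example (203.0.113.5)  140.3 ms
 6  host-a.example (203.0.113.80)  171.9 ms""",
    "site-b": """ 1  gw.lan.example (192.0.2.1)  1.1 ms
 2  core1.nyc.isp.example (198.51.100.1)  8.0 ms
 3  ae3.par1.transit.example (198.51.100.17)  82.4 ms
 4  br1.cai.carrier.example (203.0.113.5)  139.8 ms
 5  host-b.example (203.0.113.96)  175.2 ms""",
}
# Assumed lookup of location codes that operators often embed in router names.
CODES = {"nyc": "New York", "lon": "London", "par": "Paris", "cai": "Cairo"}
HOP = re.compile(r"^\s*(\d+)\s+(\S+)\s+\((\d{1,3}(?:\.\d{1,3}){3})\)")

def parse_trace(text):
    """Return [(ttl, hostname, ip)]; hops that timed out ('* * *') are skipped."""
    return [(int(m[1]), m[2], m[3]) for m in map(HOP.match, text.splitlines()) if m]

def edges(traces):
    """Count links between hops with consecutive TTLs; never bridge a silent hop."""
    seen = Counter()
    for text in traces.values():
        hops = parse_trace(text)
        for (t1, h1, _), (t2, h2, _) in zip(hops, hops[1:]):
            if t2 == t1 + 1:  # a gap in TTL means an unknown router in between
                seen[(h1, h2)] += 1
    return seen

def locate(hostname):
    """Split a router name into alphabetic tokens and look each one up in CODES."""
    tokens = re.findall(r"[a-z]+", hostname.lower())
    return next((CODES[t] for t in tokens if t in CODES), None)

def shared_hops(traces):
    """Hops that every path crosses: where all of this traffic is observable."""
    sets = [{h for _, h, _ in parse_trace(t)} for t in traces.values()]
    return set.intersection(*sets)

if __name__ == "__main__":
    for host in sorted(shared_hops(TRACES)):
        print("shared hop:", host, "->", locate(host) or "unknown")
    for (a, b), n in sorted(edges(TRACES).items()):
        print(f"{a} -> {b}  seen {n}x")
```
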