Mediterranean Hack Wave Maps Regional Upswell

By Matthew Hines  |  Posted 2009-05-20 Print this article Print

An interesting lesson in world human geography has been playing out in the malware industry for ages, but it's always fascinating to examine new flares in cybercrime activity erupting as a particular region gets its hooks into the scene, primarily via the Web.

The dynamic societal impact of the Web has seemingly enabled people around the globe to attempt to annoy and rob eachother more so than any other means of mass communication before it, with poorer areas of the world actively and often openly seeking out Robin Hood-like recrimination from richer regions through the use of electronic attacks.

Consider that there's arguably no more notorious e-mail messaging scam than the Nigerian scheme, which was driven by a curiously effective outbreak of social engineering skill and e-mail access that blossomed in the West African nation for no widely understood reason. But, I'd guess that it has something to do with gaining Internet access and a lot of poor people living there.

The success of Eastern European malware gangs like the Russian Business Network, the avalanche of Latin American banking Trojans, and of course the widely rumored involvement of certain Asian governments in hacking campaigns are all major elements of today's global cybercrime epidemic - paradigms that have long been explained as representative of regions with high levels of technical acumen and soft job markets, where the best option for unemployed software coders to earn a living might just well be found in ripping off gullible e-shoppers.

These have also been regions where the local governments might be willing to look the other way when cybercrime has taken off, especially if there's a lot of money involved, and there is.

So, as the cybercrime epidemic has gone global, it would seem that there are relatively few remaining areas of the planet where hacking and malware have only just begun to take off. According to researchers at Trend Micro, the azure blue coasts of the Mediterranean Sea is one area where such an evolutionary process is currently playing out.

The patterns of behavior showing up across the region are indicative of the types of nascent activities previously seen in other parts of the globe, the security vendor's experts said in a recent blog post.

Despite the fact that much of the Mediterranean outbreak is related to the relatively new movement of politically-oriented "Hacktivism" as inhabitants of rival nations take aim at each others' Web sites, all the signs for future expansion of the broader cyber-crime element are present, TrendLabs Threats Analyst Loucif Kharouni wrote on the company's blog.

"The spread of broadband Internet facilities in Morocco, Algeria and Tunisia allow more people to use the Internet on a daily basis. Script kiddies may be hacking websites as a means of reaching out to the growing number of Internet users in these countries," Kharouni said. "This juvenile behavior is actually very similar to how cybercriminals started out and took root in the United States and Europe some years back."

"Persistent web security issues" lie at the heart of the issue, in addition to the area's deep political differences, but the larger problem does appear to be a growing use of cybercrime tactics by different players across the region, TrendLabs maintains.

Thus far the researchers have not been able to determine whether there are gangs of actors involved in the Mediterranean activity, or if it has any ties to other notorious hacking hotbeds, such as Russia.

For now most of the attacks appear to be politically-driven, but if history repeats itself as it has around the globe, a shift to financially-driven scams likely isn't too far off, TrendLabs' Kharouni said

"The motives behind these attacks seems now to be a little more transparent. Aside from the questionable patriotism suggested by these hackers' occasional calls for war, they may simply enjoy the notoriety of their very own 15 minutes of fame," writes the expert. "Ten years ago, virus authors coded mainly for fun rather than profit. This contrasts starkly with the current-day cybercriminal industry where virus writers are capable of earning several million dollars per year."

So, the only news here is that this little corner of the globe is finally waking up to the big game.

Though, if anyone's looking for someone to go there and sit on the beach... I mean blog about the issue, you know just where to find me.

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel