The trial of a Sys Admin who worked for the Fin7 cyber-crime syndicate provides a surprising look into the inner workings of the organisation.
Fedir Hladyr was the Sys Admin running the support infrastructure for Fin7. He was responsible for the JIRA, Jabber and HipChat servers used to co-ordinate the work of its teams of hackers, as well as the control system for the C&C servers which managed their botnets and malware.
Fedir originally answered a job advert to join a security testing firm called Combi Security; however, it soon transpired that Combi was not penetrating the networks of its targets with the consent of the owners. Far from being an innocent dupe, Fedir rose through the ranks of the organisation and ended up running his own teams of hackers.
Cyber-crime is big business, and Security Managers who think their adversaries are bored teenagers hacking for kicks are in for a nasty surprise. Today’s cyber-criminals are often part of well-organised, well-funded organisations that recruit through job ads and run state-of-the-art infrastructure, with all the cool toys that would turn your Sys Admins misty-eyed.
The prosecutors in Fedir’s trial estimate the actions of Fin7 have cost their victims some $100 million. Despite the loss of Fedir, the Fin7 gang is still hard at work and is estimated to be netting some $50 million a month through their current activities.
Cash like that can hire a lot of skills and puts many organisations’ cyber-security budgets into sobering perspective.