POS or SOS? Ask the Russians

America’s third-largest retail company, Target Corp, suffered a virus attack on its POS (point-of sale) system at Christmas.

The intimate-most details of 110 million charge cards thereby became public property, or rather the property of criminals, most of them from Eastern Europe.

This alerted computer-security firms, and their investigation revealed that Target was only one of three national retail companies whose computers were burgled at Yuletide with hitherto unmatched virtuosity. One of them apparently is the luxury retailer Neiman Marcus Group, to which I used to give some custom when in America.

The US government stepped in and classified the findings, which means I can’t share with you the names of the other companies unwittingly raising transparency to a whole new level. Still, you have to make up your own mind, but my glass-half-empty inclination would be to assume that criminals can now access my details every time I use a charge card anywhere in the world.

Also classified are the suspects in this case, or rather their names. However, some information has seeped out, and this has had a profound effect on me.

You see, some 25 years ago, when all that business with perestroika started, I was certain it would take the Russians several generations to produce enough people capable of running, or indeed operating in, a Western-style economy.

Generally speaking, I pride myself on getting most things about Russia right long before others do, but in this case – you can’t imagine how it pains me to admit this – I was wrong.

The Russians have learned how to operate on the margins of Western economies in record time, turning their country into the greatest crime syndicate in the West’s history. There’s nothing we can teach them any longer about money laundering, racketeering, drug trade, prostitution rings – and cyber crime.

Here’s another admission: even though I’ve spent most of my adult life in the West and therefore don’t consider myself a Russian, the current debacle made me feel a twinge of residual pride for the country of my birth.

For there are strong indications that the devilishly elaborate virus software was designed in Russia. Dubbed KARTOKHA (‘spud’ in Russian) by hackers, the virus first appeared on the black market last spring, showing traces of the Russian language all over the place, particularly in the comments accompanying the programme.

According to the cyber-security company iSight, the ‘spud’ attack on Christmas sales is “unique”. “The intrusion operators displayed innovation and a high degree of skill,” the company’s desiccated report says. Professional appreciation touched with envy shines through, especially in their praise for the near invisibility of the programme.

This is due in part to the programme’s unique feature: unlike other such viruses that all operate around the clock, ‘spud’ is active only during the prime shopping hours between 10 am and 5 pm. 

The Target hacking worked as a double whammy. First, the firm’s card payment devices were infected with the virus, which made them transfer all data on Target’s own servers. Then the hackers breached the servers’ firewall and collected the stolen data.

Another security company, IntelCrawler, went further in its investigation. Apparently the virus was designed by a 17-year-old denizen of Petersburg. Now that’s what I call precocious: the youngster isn’t just a computer genius but also a smart business operator.

The tyke has sold more than 60 versions of the virus on the black market and, though according to IntelCrawler his name is “well-known to experts”, presumably including the police, he hasn’t yet been arrested.

Part of the reason is that the lad isn’t greedy: he flogs his software but doesn’t use it himself, even though he must be sorely tempted. Then of course, with a perspicacity amazing in one so young, he has probably learned how to keep Russian authorities sweet by sharing some of his ill-gotten gains.

(Back in the USSR the West was described as a place where ‘everything can be sold and bought’. Replace ‘everything’ with ‘everyone’, and you’ll have an accurate idea of Russia today.)

I don’t know if this bit of news will make you take scissors to your charge cards. Probably not – our purchasing habits are now too ingrained to abandon altogether.

But if you’re planning to visit Russia in the near future, perhaps to find out how it’s possible to stage cross-country skiing events in subtropical Sochi, it may be a good idea to take a large amount in cash.

That is unless you’re prepared for the good news of a monthly statement listing a few thousand’s worth of goods you never bought. If the brand names are in Russian, you’ll know what’s what.

 

My new book How the Future Worked is available from www.roperpenberthy.co.uk, Amazon.co.uk and the more discerning bookshops.

 

 

 

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.