The Mob's IT Department

An anonymous reader writes: An article at Bloomberg relates the story of two IT professionals who reluctantly teamed up with an organized criminal network in building a sophisticated drug smuggling operation. "[The criminals were] clever, recruiting Van De Moere and Maertens the way a spymaster develops a double agent. By the time they understood what they were involved in, they were already implicated." The pair were threatened, and afraid to go to the police. They were asked to help with deploying malware and building "pwnies" — small computers capable of intercepting network traffic that could be disguised as power strips and routers. In 2012, authorities lucked into some evidence that led them to investigate the operation. "Technicians found a bunch of surveillance devices on [the network of large shipping company MSC]. There were two pwnies and a number of Wi-Fi keyloggers—small devices installed in USB ports of computers to record keystrokes—that the hackers were using as backups to the pwnies. MSC hired a private investigator, who called PricewaterhouseCoopers' digital forensics team, which learned that computer hackers were intercepting network traffic to steal PIN codes and hijack MSC's containers."

MITM or unencrypted

[DigiShaman]

"hackers were intercepting network traffic to steal PIN codes and hijack MSC's containers"

So this was a MITM capture, or the PIN data was flying through unencrypted.

Re:MITM or unencrypted

[guruevi]

Most likely they assumed, as most companies these days erroneously do, that their entire internal network is 'secure' and thus does not need encryption. Besides these dedicated devices, most corporate networks don't protect much against visiting and malware infested laptops. Even if they are aware of the chance of someone bringing a virus from home, they rather turn to device 'access controls' and trusting the device to self-report over securing the internal systems.

more important question...

[freeze128]

How much does the mob pay an IT worker? It might be better than legit companies.

Re:more important question...

[Shakrai]

These two were making €12,000 and €20,000 per month, before their involvement with the criminal element. One of them was seeking start up capital for a business venture and allowed himself to get roped in that way. If you give them the benefit of the doubt the best you can say about them is they were naive. In the worst reading they were greedy and willfully complicit. I suspect reality falls between those two extremes.

Re:more important question...

[swb]

I've worked as an SMB consultant and almost every SMB owner I've run into is some kind creepy, shifty guy who is coming as close as he can to "the line" and often crossing it. At a minimum it's every conceivable tax dodge imaginable -- luxury company car as a daily commuter, no-show family members on the payroll, tons of business-paid home technology for personal use, and so on. Who knows what it is at maximum. Probably outright tax fraud, siphoning cash, cheating employees, whatever.

You could make a believable narrative that has two small-time entrepreneurs looking for investors and/or work are just *used* to the kind of slimeballs that are out there and don't really ask too many questions. Call it conditioned ignorance.

I don't know how cost of living translates, but I do think their incomes, especially the guy with a regular job (IIRC) would make them be a little more selective. That part I find kind of fishy.

But it's also not hard to see once they saw they were dealing with guys with guns that going along with it but with willful incompetence wouldn't have seemed like a totally unreasonable strategy. What are your choices? Run away and look over your shoulder for years?

They are trying to get off...

[bobbied]

Once you realize what you are doing and for who you are doing it, you contact the authorities. These guys continued to cooperate, continued to engage and despite their attempts to soften their story, are responsible for their actions. Intimidation is not an excuse, it's perhaps a reason, but it doesn't absolve you of the moral and ethical obligation to turn yourself in.

My guess is that they are trying to get some sympathy by cooking up this "We tried to resist, without getting killed" defense. At the very least, you use all that IT knowledge and start reaching out to authorities. Heck, walk into a police station and turn your self in, offer to be an informant, explain to them what's going on and tell them you need help getting out. I'm sure any number of customs officials would have jumped at the chance to help them out for the information they obviously had. I'm also sure that any prosecutor would have loved to let them plea bargain (or just plain offered immunity) as well.

No, despite the intimidation they claim, I'm not inclined to believe they where powerless to help themselves, nor am I inclined to think they should be given lighter sentences for what they participated in. The jails are full of people who claim they where wrongly incarcerated. Some claim to be innocent, some claim the sentence was wrong, some claim they couldn't help it, but nearly all of them are just lying. These guys are in the same boat.

Re:They are trying to get off...

[PopeRatzo]

Have you ever lived anywhere where there was a significant mob presence?

No, I live in Chicago.

Seriously though, growing up on Taylor Street in Chicago's Little Italy neighborhood, we all knew who the mob guys were, and many of them were part of our extended families. I used to go fetch cigars for the old men who sat in front of the social club drinking espresso and they'd give me dollar bills and sage life advice. The barber and the tailor at Taylor and Loomis were both bookies.

Part of the mob's effectiveness is that it destroys trust in the normal functioning institutinos of society.

Actually, in the case of the Chicago mob, they didn't destroy trust in those institutions, they replaced trust in those institutions for people who were blocked from having access to them. Today, if you want to get a bet down, you just have to go online or buy a lottery scratch-off ticket. Back then, you had to go see the barber. If you needed a loan, you saw the loan shark (who actually charged less interest than today's payday loan joints). If you needed the pothole in your street fixed, you went to talk to the precinct captain (who could be found putting down a bet with the barber or drinking espresso at the social club).

So see, the mob didn't destroy trust in normal functioning institutions of society, it created trust in people where the institutions of society didn't function properly.

Today, those old mob guys are almost all dead, and their kids went to med school or law school and are living out in the suburbs or on the North Side. All the mob's wealth has been laundered through the "normal functioning institutions of society" and their kids and grandkids are paragons of those functioning institutions. The mob here has always been the way immigrant populations assimilate. Do you think the fortunes of any of the great families in the US were built very differently? From Rockefeller to Kennedy to Romney, the fortunes are always built on something a little sleazy.

This all may be different where you are. This story happens to be about "the mob" in Belgium, which I can't even imagine. Maybe they control the black market waffles or something.

Re:They are trying to get off...

[PPH]

skip the police go to the feds

Go to the feds carefully. And anonymously.

We had a guy who 'went to the feds' with a bunch of damning evidence on a corrupt outfit in my town. The feds he went to were already pwned by the company (see: regulatory capture). They just said, "Not interested." The they called the company up and told them who had snatched the documents so they could go to the police and have him charged with theft.

This guy should have set up an anonymous connection and not surfaced until he saw the feds marching executives off to the Crowbar Hilton.