CyberCop system, a russian project against cybercrime

This time I desire to speak about an interesting initiative of Group-IB company, a resident of the Moscow-based Skolkovo Foundation, that has received a grant in the amount of 30m rubles (approximately $966,000) for the development of a global counter-cybercrime system.

The funds is co-financed by the Skolkovo Foundation which has provided 21m rubles ($676,000), and LETA Group also the Group-IB’s controlling company.

I’m following the company since the pubblication of an interesting report on cybercrime activities conduced by the Russian mafia and other criminal organizations, the numbers are impressive, the figures are doubled in 2011.

The official estimates says that the global cyber crime market was worth $12.5 billion in 2011, $4,5 billion of the market are related to Russian speaking cybercrime market and $2.3 billion took place in Russia alone. Related to last years the grow is doubled.

The report provides a clear picture of the cybercrime market providing an interesting perspective on analysis, cybercrime studied as part of a local economies of a region.

What is the system for crime prevention to be built?

The project, named The CyberCop system, is a set of tools that allow users to detect anomalous activities in cyber space and to neutralize the cyber threats which generated them. CyberCop requires for its realization around 1.5 years and it will support the crime detection and also cyber threats prevention thanks a sophisticated system of “early warning”.

The system is not only oriented to Russian market, cybercrime doesn’t know boundaries, that’s why the company is orienting its offers to law enforcement, private companies and financial institutions.

I have contacted Andrey Komarov, Head of International projects, at Group-IB submitting that explained me that the CyberCop system has a modular architecture that will be grant future evolution of the platforms to respond to incoming cyber threats.

The modules that compose CyberCop are:

• CyberCrimeMonitor for processing and archiving of data.
• Botnets Intelligence subsystem for gathering information about botnets by its syncholling or interception.
• FraudMonitor specific for financial sectors that implements algorithms for detection and  preventions of cyber fraud.
• BrandPointProtection module responsible for Internet monitoring and detection of copyright infringements and phishing attacks.

Following an abstract of my talk with Andrey Komarov:

Q: What are unique selling points (USP) of CyberCop?
A: The most important part is botnets intelligence module and data-mining techniques for making correlation of potential fraud activities and cybercrime.

Q: How do you plan to develop CyberCop in plan of global project?
A: Group-IB plans to make flexible integration for e-commerce, banks, online-shops, dating web-sites, and etc., it will help to make CyberCop world known platform with deep filtering engine. The main idea of the project is to gather the data of different sources about new cyberthreats and challenges.

Komarov also added:

“CyberCop has special botnets intelligence module, which helps us to agregiate the data about different security incidents. For now, we have prevented more then 2 000 thefts on online-banking of russian, EU banks and e-commerce. We are working on the integration for online-bankings of famous vendors.”

“We plan to provide special interfacie to LEA of different countries and make for them special secure zone, which will be independent from all the data we have to make their work secure and efficient.”

I find the project really interesting, technology gives great opportunities to crime but provide also the instruments to try to prevent and mitigate its menace … Group-IB is in the right direction.

Pierluigi Paganini