The Tricky Issue of Trickbot

On October 28, 38-year-old Russian hacker Vladimir Dunaev was arrested and arraigned in United States (U.S.) federal court. Formerly a member of a criminal group called Trickbot Group, Dunaev helped develop Trickbot – malicious software that continues to hack into the financial accounts and data of businesses, schools, hospitals, and even governments. Recently charged with conspiracy to commit computer fraud and aggravated identity theft, the Russian national will face a prison sentence of over 60 years if found guilty on all counts. Although the arrest has been heralded as a small win against the cyber terrorists, the U.S. still has a long way to go in capturing the remaining cybercriminals.

What is Trickbot?

According to CNN, Trickbot is a type of malware that hacks into computers in order to steal online banking login credentials and harvest personal information, such as credit card numbers, emails, and social security numbers. Trickbot also facilitates the installation of ransomware, threatening to destroy data unless a certain amount is paid, earning its cybercriminals millions of dollars. These cybercriminals have drawn upon a network of co-conspirators and freelance computer programmers to extend Trickbot’s attacks to a global scale.

Dunaev’s role in Trickbot was to develop popular browser modifications and to help avoid detection by security software. With Dunaev arraigned, the Department of Justice (DOJ) has considered it a small win against the group, emphasizing its commitment to capture the remaining criminals – “with our international partners, the DOJ can and will capture cybercriminals around the world.”

Indeed, this arrest is noteworthy insofar as Washington does not have an extradition treaty with Moscow, which means that the DOJ normally has to wait for Russian criminals to leave the state in order to criminally prosecute them, a process that can take years on end. In the case of Dunaev, his arrest can partly be attributed to the Biden administration’s increasing diplomatic pressure on Moscow to address cybercrime, especially in the face of continued ransomware attacks against U.S. companies.

Provided by BBC.

The Fight is Far from Over

However, despite diplomatic pressure, the fight against Trickbot, and against ransomware attacks more broadly, is far from over. Moscow has largely remained indifferent to the U.S.’s concerns, with more Russian cybercriminals targeting U.S. companies. Indeed, according to CNN, the Sinclair broadcast group, one of the biggest TV station operators in the States, was hacked last month with malicious code suspected to belong to a Russian crime group. Thus, while two Trickbot criminals have been arrested so far, the cybercriminal group has faced no setbacks.

Indeed, Trickbot seems to have only grown in the face of these arrests; according to CNN, Trickbot struck deals with two other criminal groups to distribute their malware. In response to these threats, the U.S. Treasury Department has imposed sanctions on cryptocurrency exchanges, which prevents U.S. corporations from doing business with cybercriminal groups. The U.S. has also partnered with other nations to fight transnational cybercriminal groups, holding a 30-country virtual meeting to discuss the best way to address the ransomware attacks and prosecute the cybercriminal groups, according to CNN.

Where Korea Stands

Thanks to Korea’s extradition treaty with the U.S., Dunaev was promptly captured upon discovery of his residence here in Korea. Though not targeted by Trickbot, Korea has been plagued with cyberattacks – mainly from North Korean hackers and domestic criminals. Indeed, the nation has suffered 127 ransomware attacks this year, which is double the figure reported in the years 2018 and 2019 combined. Moreover, according to Cybersecurity Ventures, the damage from ransomware attacks is estimated to amount to about $20 billion this year, a steep 57-fold increase from the figure in 2015.

This increase in hacks can be attributed to an expansion of scope – ransomware attacks have started to target small companies and even individual PCs, which have weak security systems. They have also changed in focus – while hackers initially encrypted a victim’s database, they now threaten to publish data, demanding a ransom that companies often pay for fear of hurting their brand image.

In order to combat the ransomware attacks, Seoul has cracked down on ransomware operators, filing charges against them. According to The Korea Herald, the Ministry of Science publicized that it would enact information security consulting plans to support over 600 small and medium-sized companies, giving them 15 million won in compensation. This financial plan is perhaps commendable, as companies and banks alike do not have a sufficient budget for cybersecurity.

Indeed, according to Professor Kim Byungki (Division of International Studies), “In Korea, the issue is that banks face both malware issues and loyalty issues. Regarding the latter, employees sell financial information to others. In this way, it is both a human problem and technical problem that requires more investment into developing technologies and training employees on customer privacy, which most banks see as not being worthy of significant investment.”

Along with increases in budget, cybersecurity can be strengthened on two other levels, according to Professor Kim. “Firstly, there needs to be more training and awareness about cybersecurity, with formal education about the issue starting from kindergarten, I would argue. Secondly, technologies need to be developed – governments must increase their capability to preempt cyberattacks, capturing criminals using online information. This defense mechanism, however, can be rather controversial as therein lie issues of privacy – trying to locate criminals necessitates the use of information on citizens.”

Thus, it has become evident that both nations, and largely the globe, are grappling with cyberattacks. What nations need to do then is not only to band together to exert pressure on certain states but to improve their cybersecurity so as to best defend themselves. Doing so will not only place more accountability on governments to capture cybercriminals but will also leave governments and corporations less vulnerable to the rapidly growing number of cyberattacks today.

Copyright © The Granite Tower. Unauthorized reproduction and redistribution prohibited.