Tag Archives: Organized crime

Decoding the Pizzini

From the pages of the International Herald Tribune comes a glimpse of a world where clandestine communication retains the old and tested methods of hand to hand. When a godfather becomes expendable  is a piece by Andrea Camilleri, the author of “The Smell of the Night” and other novels in the Inspector Montalbano series. In it he describes the way that captured Mafia boss communicated with his subordinates while on the run:

The authorities said that Provenzano would transmit his orders – regarding such matters as who should be rewarded with government contracts, whom one should vote for in local and national elections, how one should act on specific occasions – by means of pizzini, little scraps of paper folded several times over, which his trusty couriers (mostly peasants with spotless records) would pass from hand to hand along lengthy and seemingly random routes.

These were necessary precautions to reduce, as much as possible, the risk of interception. One pizzino, for example, took more than 48 hours to travel the mile between the boss’s cottage and Corleone. Others could take weeks to reach a nearby destination. The telephone was out of the question.

Amazing that such methods are still in use today — and a sober reminder of several things.

  • Not much the Internet, or police forces, or intelligence agencies, can do to monitor this kind of thing unless they get off their heinies;
  • Is it just the Mafia using this kind of thing? Or are other underground organisations doing it? The organisation I know a little about — Jemaah Islamiyah, the al Qaeda-linked Indonesian terrorist group — use a combination, and while their technical skills have grown quickly, far more quickly than the people monitoring them, they still retain networks that don’t use any form of modern communication;
  • This ageless form of communication may yet be around for a lot longer than our beloved Internet.

Anyway, I find this whole ‘pizzini’ thing fascinating. It has more to do with The Da Vinci Code than with Mafia-watching, but technology could offer some clues to deciphering them. Some 350 of these encoded messages exist, apparently, mostly in the form of numbers. Other messages were left in a bible, with certain passages underlined.

Some notes, according to The Guardian, have been deciphered, illustrating recruitment problems and that Bernardo Provenzano was addressed as “vossia”, the deeply respectful and indeed archaic, form of “you”. What it doesn’t say is how they were decoded, and whether that breaks the code for the others.

If it doesn’t I call on the Italian police to release them to on the Internet and let us have a crack at them. I’ll never manage it, being useless at this kind of thing, but now everyone does Sudoku puzzles in the bath, I suspect your average commuter will make short work of decoding them.

 

The Big Ring

Good piece today by my WSJ colleague Cassell Bryan-Low on the Douglas Havard case which I mentioned a week or so back: As Identity Theft Moves Online, Crime Rings Mimic Big Business (subscription only, I suspect):

Most identity theft still occurs offline, through stolen cards or rings of rogue waiters and shop clerks in cahoots with credit-card forgers. But as Carderplanet shows, the Web offers criminals more efficient tools to harvest personal data and to communicate easily with large groups on multiple continents. The big change behind the expansion of identity theft, law-enforcement agencies say, is the growth of online scams.

Police are finding well-run, hierarchical groups that are structured like businesses. With names such as Carderplanet, Darkprofits and Shadowcrew, these sites act as online bazaars for stolen personal information. The sites are often password-protected and ask new members to prove their criminal credentials by offering samples of stolen data.

Shadowcrew members stole more than $4 million between August 2002 and October 2004, according to an indictment of 19 of the site’s members returned last October by a federal grand jury in Newark, N.J. The organization comprised some 4,000 members who traded at least 1.5 million stolen credit-card numbers, the indictment says.

The organizations often are dominated by Eastern European and Russian members. With their abundance of technical skills and dearth of jobs, police say, those countries provide a rich breeding ground for identity thieves. One of Carderplanet’s founders was an accomplished Ukrainian hacker who went by the online alias “Script,” a law-enforcement official says. As with many of its peers, the Carderplanet site was mainly in Russian but had a dedicated forum for English speakers.

Well worth a read as it details how Havard’s UK operation worked.

Is It Really The Russian Mafia?

TechNewsWorld, in an article entitled “Worm Variants Part of Russian Mafia Extortion Scheme”, quotes Gartner research director Richard Stiennon told TechNewsWorld as saying of the recent spate of computer worms: “the real intent of the dueling viruses is to deny site availability to online gaming companies and other sites that have not complied with Russian mobsters’ demands”. But is it? And who are these ‘mobsters’?

Stiennon is quoted as saying, “The worm writers this time around are really cyber criminals in Russia. They’re using [the worms] to recruit bots (compromised computers) to launch denial-of-service attacks, mostly against online gaming sites, after failing to extort large payments from the sites.”

Unfortunately there’s no further evidence provided about just who these mobsters are. I’m willing to believe that some Russians are behind it, and I’d love to see some evidence that online casinos are being extorted, but I’m less willing to believe it’s the Russian Mafia (or mob). In Russia the mafia are a quite distinct — and very powerful — part of the establishment, but they’re not quite the same thing as the range of individuals, and loose-knit groups, that populate Russia’s online world.

This kind of report has been doing the rounds for at least a year (The Russian Mafia were also suspected of being behind the October 2000 assault on Microsoft’s servers). I’m not saying it’s wrong, but I think those who utter it have a responsibility to produce more evidence than we’ve seen so far.