Shadows And Light In The World Of Romanian Hackers

This small Eastern European country is the Wild West (good guys and bad guys) of the fight for Internet security.

Romania has become the no. 3 country in the world for cyber attacks.
Romania has become the no. 3 country in the world for cyber attacks.
Federico Varese

ALEXANDRIA — On the FBI's Most Wanted list is the name Nicolae Popescu.

Born in the small city of Alexandria, a two-hour bus ride south of Bucharest, Popescu is now in his early thirties and is known for sporting a crew cut and smart clothes. After creating a digital ruse to sell hundreds of fictitious cars on eBay, and pocketing $3 million, he was arrested in 2010, but eventually released on a technicality. He is now a fugitive from justice and the reward for any information to lead to his capture is at $1 million.

How has the small country of Romania become, according to data published by Bloomberg in 2013, the No. 3 country in the world for cyber attacks?

From Bucharest, a bus leaves every thirty minutes for Alexandria and costs the modest sum of five euros. On arrival, I'm welcomed by the former police head responsible for cybercrime, who remembers Popescu well. "He was one of many young people who, in the mid 1990s, found themselves in Alexandria's only Internet café," the officer recalls. "They were smart kids, they excelled especially in science and IT but had no job prospects. So some of them decided to use their talents against the law."

Since the time of the Communist dictator Nicolae Ceausescu, Romania has invested significant resources into computer science studies. As the country was denied access to Western technology, in addition to what was produced in the USSR, Romanians learned how to manage. Among other local advances, they turned out a self-sufficient microprocessor.

The legacy has largely been positive: Many of those young people are now working in London, Silicon Valley and Seattle, while several big American companies develop software and Apps in Bucharest.

A computer security expert tells me that in the early 1990s there were hundreds of micro-networks made at home by engineers on their weekends. This explains how Romania came to be the country with the fifth fastest Internet connection in the world. Those who live in the city of Timisoara, western Romania, have the fastest network on the planet. This level of connectivity is crucial to hacking websites (the so-called "Denial-of-Service-Attacks"), but also for many other virtuous purposes.

I sat down with Silviu Sofronie in the offices of BitDefender, the Romanian company that produces one of the world's most popular antivirus systems. On the wall is a world map made up of computer parts, and in the center of the room is a door that does not lead anywhere, with the letter B painted in bright red on white background. Some of the brightest minds of the computer world work here.

Sofronie is the team leader who analyzes the structures of new viruses. "Today, the greatest danger comes from Ransomware. In just the first three months of 2013, there were 250,000 variants identified," he explains. "How do they work? A user clicks on a perfectly legitimate site, such as Yahoo or the BBC, which has now been compromised. The site sends a "trojan horse" able to encrypt all files on their personal computer. When this happens, there is nothing we can do."

The next step is the redemption request, usually "between 200 and 500 euros." After receiving the money, the hacker sends a code to unlock the computer. Redemption must be paid in Bitcoin, the virtual currency. It's up to the victim to buy the Bitcoin to send to the hackers, and the transaction is impossible to trace — it's the perfect crime.

"The money laundering is done by those who pay the ransom, reversing the classical model of kidnappings," Sofronie says. "And soon, mobile phones will be targeted."

Just like the others

A series of blackmail viruses hit Italy in 2014 and the city of Bussoleno found itself with the whole network blocked and decided to give in to their ransomers — the only government to have admitted, courageously, that they were victims of cybercrime. The deputy prosecutor of Turin, Alberto Perduca, confirmed to La Stampa that in the district of Piedmont-Valle d'Aosta "there were 3,600 reports of computer crimes in 2014 and in most cases it was impossible to trace the culprits as the attacks came mostly from foreign countries, often far away."

Who are the Romanian hackers? In Bucharest we met Razvan Cernaianu, a 23-year-old who does not drink alcohol and loves rock music. "I'm just like anyone else, in some subjects at school I didn't do very well and I like girls," he says.

In the virtual world he is known as TinKode — one of the most famous Romanian hackers in the world. In his short career he has managed to compromise dozens of sites, including those of NASA and the British Navy and he boasts of having darkened the websites of several Italian newspapers (including La Stampa) with the Romanian flag.

In 2012 Cernaianu was sentenced to six years in prison and is now on probation. "Many of us started playing video games, then we moved on to test the flaws in computer systems. The most exciting thing for me was to be recognized, become famous, to subvert the system. But now I have finally stopped and I work for a legitimate company," he adds, noting that the founder of the company where he works is a retired Romanian general.

At a café on the outskirts of Bucharest, I met with a hacker who is still active. Constantly looking around, he left his phone at home and communicates through a Russian instant messaging system with a high level of encryption ("WhatsApp is for rookies," he says).

Soon enough he opens his computer. "Look at this illegal Romanian forum," he says. "Right now, there are 172,000 connected users. The topics discussed are where to purchase machines to clone credit cards, methods to penetrate PayPal and eBay, and strategies for targeted attacks.

TinKode was very active here before he was arrested. "We are all under observation," the anonymous hacker adds.

Dejected, he tells me that members of his community were hacked by Romanian spies who stole the list of participants to their secret meetings. "The choice we were given was simple: Go to jail, or work for your country."

In fact, many hackers are being paid by intelligence services. Not surprisingly, 41% of cyber attacks come from China. Recently an American website that hosts the Chinese edition of The New York Times (which is banned in the People's Republic) was targeted. The U.S., Russia and Romania are the other countries from which the majority of these hostile acts come.

The Cold War described by John Le Carré during the 1960s is today fought in the virtual world. This makes the Internet a perfect place for double agents.

Keep up with the world. Break out of the bubble.
Sign up to our expressly international daily newsletter!

In Argentina, A Visit To World's Highest Solar Energy Park

With loans and solar panels from China, the massive solar park has been opened a year and is already powering the surrounding areas. Now the Chinese supplier is pushing for an expansion.

960,000 solar panels have been installed at the Cauchari park

Silvia Naishtat

CAUCHARI — Driving across the border with Chile into the northwest Argentine department of Susques, you may spot what looks like a black mass in the distance. Arriving at a 4,000-meter altitude in the municipality of Cauchari, what comes into view instead is an assembly of 960,000 solar panels. It is the world's highest photovoltaic (PV) park, which is also the second biggest solar energy facility in Latin America, after Mexico's Aguascalientes plant.

Spread over 800 hectares in an arid landscape, the Cauchari park has been operating for a year, and has so far turned sunshine into 315 megawatts of electricity, enough to power the local provincial capital of Jujuy through the national grid.

It has also generated some $50 million for the province, which Governor Gerardo Morales has allocated to building 239 schools.

Abundant sunshine, low temperatures

The physicist Martín Albornoz says Cauchari, which means "link to the sun," is exposed to the best solar radiation anywhere. The area has 260 days of sunshine, with no smog and relatively low temperatures, which helps keep the panels in optimal conditions.

Its construction began with a loan of more than $331 million from China's Eximbank, which allowed the purchase of panels made in Shanghai. They arrived in Buenos Aires in 2,500 containers and were later trucked a considerable distance to the site in Cauchari . This was a titanic project that required 1,200 builders and 10-ton cranes, but will save some 780,000 tons of CO2 emissions a year.

It is now run by 60 technicians. Its panels, with a 25-year guarantee, follow the sun's path and are cleaned twice a year. The plant is expected to have a service life of 40 years. Its choice of location was based on power lines traced in the 1990s to export power to Chile, now fed by the park.

Chinese engineers working in an office at the Cauchari park


Chinese want to expand

The plant belongs to the public-sector firm Jemse (Jujuy Energía y Minería), created in 2011 by the province's then governor Eduardo Fellner. Jemse's president, Felipe Albornoz, says that once Chinese credits are repaid in 20 years, Cauchari will earn the province $600 million.

The Argentine Energy ministry must now decide on the park's proposed expansion. The Chinese would pay in $200 million, which will help install 400,000 additional panels and generate enough power for the entire province of Jujuy.

The park's CEO, Guillermo Hoerth, observes that state policies are key to turning Jujuy into a green province. "We must change the production model. The world is rapidly cutting fossil fuel emissions. This is a great opportunity," Hoerth says.

The province's energy chief, Mario Pizarro, says in turn that Susques and three other provincial districts are already self-sufficient with clean energy, and three other districts would soon follow.

Keep up with the world. Break out of the bubble.
Sign up to our expressly international daily newsletter!