Return of the Guru

The Justice System is a Cybercriminal’s Best Friend

Ara Trembly
Insurance Experts' Forum, September 9, 2010

“Crime doesn’t pay,” says conventional wisdom, and in most cases I would agree. Unless, of course, we’re talking about cyber-crime, which, in fact, pays very handsomely and is infrequently prosecuted, because the perpetrators are rarely caught.

Even when the bad guys are apprehended, however, they can count on a powerful ally to bail them out, or at least greatly reduce their pain. That ally is the feckless and apparently clueless justice systems that fail to dole out suitable punishments to such miscreants.

The Moscow Times reports that a major hacker was handed a six-year suspended sentence recently after he pleaded guilty to participating in a worldwide scheme to withdraw $9 million from automated teller machines. Viktor Pleshchuk, 28, received a reduced sentence, which includes four years of probation, prosecutors said. He agreed to provide information about other hackers who cracked a computer system at RBS WorldPay, the U.S. payment-processing division of Royal Bank of Scotland Group, and cloning ATM cards, said his lawyer, Yury Novolodsky. Pleshchuk was also ordered to pay more than 275 million rubles ($8.9 million) to WorldPay.

Four years’ probation for stealing $9 million (and oh, by the way, please give back any money you haven’t spent or hidden)? Really? Makes one wonder if perhaps those Russian judges had a few too many belts of Stoli before donning their besotted robes. On the other hand, if you’re a youngster grappling with career choices, cyber-crime is looking awfully promising. After all, where else can you make $9 million in a day with very little risk? Certainly not in the financial markets.

Assuming the judges were in their right minds, however, what could possibly have made them hand down such a ridiculously light sentence? Perhaps we can get a clue from the remarks of Pleshchuk’s defense attorney, who said: “This is not a regular crime but a cybercrime, and Pleshchuk didn't really have a full understanding of the damage he was causing.”

Well, there you have it. If you break in and steal $9 million from a bank vault, you’ll likely do 20 years, but if you take the money using a computer, you serve not a single day. This was just a misguided young man out for a thrill ride who didn’t realize that taking $9 million was a major problem. That makes perfect sense, right? So, if your insurance data bank is raided and the data taken is used for things like identity theft, grand larceny and perhaps extortion, don’t have a cow, man. It’s just a youthful offender having fun with the computer.

Of course, the U.S. Justice Department took a slightly different view of this event, says the Times. Justice last year indicted Pleshchuk and seven other hackers in Russia and elsewhere in Eastern Europe, saying the group used “sophisticated hacking techniques” in November 2008 to compromise the data encryption that was used by RBS WorldPay to protect customer data on payroll debit cards. U.S. prosecutors called the crime “perhaps the most sophisticated and organized computer-fraud attack ever conducted.”

So it was highly sophisticated and organized, but the perpetrator “didn’t really have a full understanding of the damage he was causing.”  Wow. Let me try some of that stuff the Russian jurists are chug-a-lugging!

What further motivation could a prospective cyber-thief hope to get than seeing this absurd sentence handed down? Unfortunately, nothing short of long sentences at hard labor is going to have a deterrent effect on what has become the crime of the 21st century. Since such sentences are unlikely in the current “touch-feely” justice system, however, we can look forward to dealing with more of these innocent missteps by young criminals.

Ara C. Trembly ( is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Trends in P&C and L/H/A Policy Administration Systems

Novarica research shows that nearly 40 percent of P&C and life/health/annuity carriers are currently replacing or planning to replace a policy administration system.

Product Configurators: Moving Insurers toward Self-Sufficiency

Insurers may like a vendorís full service model for updating policy content rules, but they donít want to be held captive if the vendor doesnít offer fast speed-to-market.

How Quote Data Can Deliver Powerful Business Insights

Quote data often is disregarded due to its volume, but properly managed can offer insights into product and pricing strategy, expense control, cross selling and upselling.

Insurers: Let's Be The Best

I donít like when insurance companies are hectored by people inside or outside of the industry about how they arenít innovative. Many insurers are leading the way in gleaning real results from emerging technology disciplines, including big data, analytics, mobile technology, and telematics.

6 Crucial Guidelines for Digital Insurers

Going digital isnít just something that can be accomplished by decree. It takes finesse to keep everything in sync.

Top Stories in Property/Casualty

Novarica Commentaries are available to clients only, but weíve posted direct links to some of the most important stories below.