“Understanding how computers work (if he did) doesn’t mean he also understood how money tracking works”

This has been the Achillies heal of crackers in the past.

However there is increasing evidence that the smarter crackers have become “guns for hire” and either work for or have teamed up with experiance conventional criminals for whom money laudering is part and parcel of their everyday activities.

I had a long chat with somebody at a major Dutch bank recently on just this particular problem as they have seen an increase in the related types of money laundering.

“the police only have to be lucky once, the criminal has to be lucky all the time”

Depends on your type of criminal I would argue the exact oposit when it came to terrorists…

Of course, those (both police and criminals) who practice their trade diligently, research new techniques and the failings of old ones, and above all have some grasp of what operational security is all about, will make their own luck.

In Risk Management you will usually see a couple of ‘near misses’ before something bad happens. For criminals, these near misses act as negative feedback allowing them to hone their skills in avoiding detection.
Hackers dont often get these opportunities.
[some might argue this point - Kevin Mitnick had plenty...]

In general, I feel that ignorance of the proximity/progress of law enforcement is the key factor, coupled with the ‘hysteresis’ of the law enforcement response - i.e. typically, online criminals proceed without intervention while officers build a case until the day the knock on the door comes.

“…he is said to be very bright and very skilled …”

I think the first question you should ask is

“By who’s standard is he very bright and very skilled”

If it is by the Judge or a Journalist then yes he may appear to be very bright. But by a security expert he might appear not very street wise or somewhat silly.

Many years ago Arther C. Clark made an observation about “any sufficiently advanced science would appear as magic”

Well the same applies to current technology.

That said, I wonder if Akill’s downfall was mistakes made during operation. While I like the idea of operational analysis of running a botnet, I notice that most of these guys have a very active online presence and a chatty social network. The treachery of heir network is also a vulnerability.

Even if he was the most intelligent of the intellects in the underworld, he (or she) would still have to constantly analyse his (or her) disposition to ensure that no mistakes were being made in the name of the aforementioned tendency.

Once a hacker comes under the attention of law enforcement, I imagine he remains rather in the dark about the skills and resources of his attacker. Whilst a hacker may know that in theory police can do X,Y, and Z, I imagine he really has no clue about how much time, effort and resources his opponent is really devoting to him.

Ulimately, I think this lack of attention paid to understand ones enemy is the systematic act of carelessness which is a hackers undoing.

Disclaimer: I am not a hacker, a criminologist nor a law enforcement expert. Oh dear I guess I’m guilty of the same lack of understanding that I’ve accused of being the hackers undoing!

Mike