Attorney, published author
Nicholas Wooldridge stands in his lush office in Downtown Las Vegas
With the global nature of the Internet, cybercrimes committed abroad that impact citizens of particular countries will lead to legal action in those countries. In reality, someone can commit a crime in their bedroom, never leave, and then find himself cast into spotlight in places like the United States.
When this happens, these hackers (or even wannabe hackers) need representation.
Nicholas Wooldridge, a top defense lawyer still to lose a trial, who, in part, gained his reputation by defending "powerhouse" computer
criminals from Eastern Europe. His renowned Las Vegas-based firm, LV Criminal Defense, provides dedicated service for people accused of various cybercrimes.
The defense works around the clock – Nick's schedule is booked for months in advance. As he confesses, "I've not been able to go on a vacation for a decade, nor I plan to any time soon."
From representing some of the world's most notable hackers, Wooldridge has seen both the good and bad aspects of the cyber world. In this interview, we ask Wooldridge about his experience working with the seemingly elusive type of defendants.
Our research found that you have represented some of the
leading global hackers. What was the most compelling case that you can discuss?
Many of them were extremely interesting, but probably the most exciting case, at the time, I represented him would be Oleg Nikolaenko. Oleg was a young man, very young at the time of his arrest, and was extremely intelligent. Mr. Nikolaenko was accused of being the "King of Spam", even though I would call him more of a prince than a king given his young age.
Back in 2010, the Government believed Mr. Nikolaenko was responsible for
approximately one-third of the United States spamming activities. This is quite an infamous accomplishment for a young man in his early 20s. I was always impressed with Nikolaenko and his intelligence.
Even his knowledge of the law and the manner in which he took a strong interest in his case, his defense strategy, so to say.
We ended up working out a phenomenal result for Mr. Nikolaenko, and fortunately, he was able to return to his native country.
What are some common traits you have found amongst
world-class cybersecurity (both white hat and black hat) professionals?
The most common traits are that they are highly intelligent; they have a love for technology and enjoy or take pride in being able to hack systems. Black hats are hackers that are using their intelligence for
nefarious purposes, while white hats are using their intelligence for
"good" purposes to help make systems more secure.
In some ways, hackers are much like criminal defense lawyers. Yes, I said
it. A good criminal defense lawyer enjoys the thrill of being able to
beat the system, especially when the system gets it wrong.
How much of a factor is social engineering within cybercrimes?
This is a significant factor in nearly all cybercrimes. A cybercrime, by its nature, involves fraud and deceit. Many of the cyber attacks made on U.S. companies, citizens, and even the Federal Government involve social engineering as a basis for access.
For example, the primary means of social engineering usually comes with an offer too good to be true. Cybercriminals will usually always gain access by appealing to human nature and proclivities, like greed, love, and fear.
This can be illustrated with communications from cybercriminals people may find in their emails or other forms of direct communication that appeal to a person's desire for more money, for a romantic connection, and/or to prevent an arrest, an attack, a death, or the security of a person's system. Through these appeals, targets of cybercrimes are not thinking clearly or logically, and are incredibly vulnerable to being a victim.
What are the biggest legal challenges you have faced
working in this industry?
I have defended more than a few celebrities and cases with national attention. The biggest legal difference and is recognizing the complexity and technological aspects of the cases.
Computer crime cases generally have terabytes of information to review and understand.
The Government has a team of lawyers, and law enforcement personnel sorting through and dissecting the information. Often, experts need to be consulted to have a firm grasp on the latest technological advancements.
Are human weaknesses or technical weaknesses a greater
threat to the collective security of the Internet?
That is a complicated answer to quantify. I would say both are imperative. Technical weakness in our systems creates opportunities, and we continuously have to update our technology to circumvent cyber attacks.
With regard to human weakness, there are certain vices that we all humans have and will always have, like greed and a desire to be wanted and loved.
Often cyber attacks focus on these weaknesses to make the public unwitting participants in cybercrimes.
Anything else you would like the world to know?
We, as the United States, need to be at the forefront of advanced technology and cybersecurity. Nearly all personal, governmental, and economic data is stored via cloud technology.
Business, communications, and personal interaction are almost all done over the Internet. Pouring vast amounts of resources into prosecuting cybercriminals is not the solution.
Most cybercriminals live abroad and don't think about getting caught or the ramifications if they do get caught. Many of them never will be caught because we lack the ability to extradite them from places like Russia.
The solution is to make our systems secure and invest in advanced technology to combat cyber attacks.