Global Cyber Crime: The Playing Field, The Players -The Perfect Storm

Guest writer Paul E. Lubic, Jr. takes a close up look at those who are really responsible for cybercrime – organized crime syndicates. You may find some surprises here.

image In my recent article Internet: The Good, The Bad, And The Ugly, I mentioned that organized crime was responsible for much of the malware and hacking now abundant across the Internet.  This article will delve into those organizations and where they’re located across the world.

It’s important to point out that the global economy and the Internet play an important part in how many cyber criminals are in business, and where they operate.

The international bestselling book The World Is Flat: A Brief History of the Twenty-First Century by Thomas L Friedman, analyzes globalization, primarily in the early 21st century.  The title is a metaphor for viewing the world as a level playing field in terms of commerce, where all competitors have an equal opportunity.

Friedman astutely points out that because of the Internet, the personal computer, and other technological advances, businesses can provide products and services to customers across the world when heretofore the cost of doing so was prohibitive.  So…what’s this got to do with global cyber crime?

The criminal element, recognizing that there was money to be made, took advantage of the “flat world” just as the legitimate businesses have.  Thus, there has been an explosion of cyber (Internet) criminal activity across the world…primarily by organized crime syndicates.

But, the recent development of these syndicates selling hacking tools packaged in such a way that an inexperienced hacker can operate a “productive” criminal business, has allowed much smaller players to enter this lucrative field.

Authentication firm VeriSign, recently reported that they studied 25 botnet herders across 3 online forums and found that botnets could be rented for an average US$8.59 per  hour on which hacking attacks could be launched.  A 24 hour rental goes for around US$64 on which could be run several different attack vectors.  We’re talking about cost similar to a flash drive or a box of printer ink cartridges!

Who are these syndicates?

As you might expect, they prefer to remain secret and as anonymous as possible in order to avoid detection and arrest.  However, we know that they are highly organized and very complex cyber crime organizations.

In recent years they have transformed from individual operations to an organized multi-layered network of cooperating syndicates.  Some of their names are China’s Gray Pigeons and Honkers Union of China; and the largest and most successful Russian Business Network of the Russian Federation.

Steven Chabinsky, deputy assistant director in the U.S. Federal Bureau of Investigation’s (FBI) cyber division recently told participants of  a US government trade show that criminal hacker organizations are operating with increasing corporate-like efficiency and specialization.  He listed some of the specialized roles in cyber crime organizations:

Coders, who write the exploits and malware.

Distributors, who trade and sell stolen data.

Tech experts, who maintain the criminal enterprise’s IT infrastructure.

Hackers, who search for and exploit vulnerabilities in applications,systems and networks.

Fraudsters, who woo potential victims with social engineering schemes like phishing and spam.

Hosted system providers, who offer illicit content servers.

Cashiers, who control drop accounts and provide names and accounts to other criminals for a fee.

Money mules, who complete wire transfers between bank accounts.

Tellers, who transfer and launder illicit earnings through digital currency services.

Organization leaders, who assemble the team and choose the targets.

Where do these criminal threats come from?

ThreatExpert.com reports that the worldwide distribution of threats is as follows:

China   31%

Russian Federation 22%

Brazil    8%

United Kingdom  6%

United States   6%

Spain    4%

Germany   4%

Others   19% (Includes: Canada, India, Iran, Algeria, Egypt, Syria, Iraq, Saudi Arabia, South Korea, and Turkey).

As indicated above, China is the threat leader, and has been for some time.  However, security software vendor Zscaler indicates a new threat is emerging in South America; where 7 of the top 10 countries with high saturation of malware-distributing servers were South and Central American nations.

These include Brazil, Bolivia, Peru, Argentina, Paraguay, Ecuador and Colombia.  My own organization’s security logs reflect this trend with increasing numbers of attempted attacks from all these countries and more…every day.

The threats referred to in this article include: malicious mail servers which send millions of phishing and ad-related spam email; viruses; keylogger bot programs that record keyboard keystrokes to collect user access Ids, passwords, and bank account numbers which are sent to the criminal controllers of the bot for use in identity theft and bank fraud; and various backdoor Trojans that allow future access by other malware.

This perfect storm of:

1. A flat world facilitating global business activity.

2. The involvement of organized crime syndicates.

3. The selling and renting of malware packages and botnets to the criminal masses has radically increased the malware, hacking, and subsequent danger present on the Internet today.

Guest writer Paul E. Lubic, Jr. is a long time IT professional who has held the positions of programmer, IT Security Manager and Chief Information Officer.  His interests lie in the IT security area, but he writes on all categories of technology.

Paul is a mature and seasoned writer, with a rare ability to break down complex issues into an easy to understand format. Check him out at his Blog – Paul’s Home Computing.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

25 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Guest Writers, Interconnectivity, Internet Safety, internet scams, Internet Security Alerts, Windows Tips and Tools

25 responses to “Global Cyber Crime: The Playing Field, The Players -The Perfect Storm

  1. Cappydawg

    GREAT ARTICLE, very interesting how the emergence of the South America countries are jumping on the ban wagon. And I never imagine how many people would be involved. Amazing! Why can’t we all just play nice in the sandbox?

    • Bill Mullins

      Hey Cappydawg,

      With the state of the Internet today, it definitely pays to play in a sandbox – like Sandboxie, GeSWall, etc. 🙂

      Bill

    • Cappydawg,
      Thanks, glad you liked it. My thinking on the increase of cyber crime in South America is that those people are needing income and the Net is an easy way to get it. I also see growing activity from African countries…probably for the same reasons. Thanks for checking out my article.
      Paul

  2. Pingback: What Is The Optimum Computer Setup?* « Tech – for Everyone

  3. Terrific article Paul.

    Bill

  4. Liam O' Moulain

    Bill, Paul,

    Great article which really shows what we’re up against.

    Liam

  5. Mal

    Hey Bill,

    I long for the days when malicious code was written by some nerdy, pimply teenager with big thick coke bottle glasses. They were dangerous, but not like this lot we have to put up with now.

    Cheers

    • Bill Mullins

      Hey Mal,

      Ah, for the good old days. Long gone and never to return, I’m afraid.

      Best,

      Bill

    • Mal,
      Good observation. The definition of “script kiddies” has changed from the one you describe to one of grown-up crooks…with an attitude.
      Paul

  6. Unfortunately, that is and will be getting worse.
    Consider the fact that such a seemingly minor spam brings huge revenue to criminals, which the fingers concern.Of course various tasks for your business is not granted, but it is also the fact that spammers can steal e-mail addresses are of great advertising tool (free) in his hand, and thus earn their enormous sumy.Buy more and better hardware and devote increasingly more resources to the masking is not held criminally liable.
    And one more thing-the National Security Agency, 16 March 2010 carried out a great and a virtual call for all kinds of secret services – including the FBI. > more info > http://www.nsa.gov/public_info/press_room/2010/virtual_career.shtml
    Here in Poland, so you do not respect the people educated and you have many connections.
    Greetings 🙂

  7. Bill,

    This just goes to show, just how broken the internet is and how corrupt the world is… Great piece!

    Rick

  8. Pingback: Global Cyber-Crime Article | Paul's Home Computing Blog

  9. Pingback: A Look at Global Cyber Crime « CYBER ARMS – Computer Security

  10. Paul Yes – there are.
    Many young people in Poland upset that despite having legal training, award for brilliant theses and opinions from the world famous forensic (my work are Professor in the Department of Defense of the United States), none of us do not even want to talk, when sending out documents on the work . > http://kryminalistyka.prawo.uni.wroc.pl/ and here > http://prawo.uni.wroc.pl/pracownicy/269
    We do not have such beautiful initiatives like this, about which I wrote a webpage link to the National Security Agency.
    A great article.
    Regards.

  11. Ranjan

    Really, a very nice article Paul…
    So well organised and explained in simple terms that even a novice can understand..
    Enjoyed reading it..

  12. Pingback: The increase of cybercriminaliteit

  13. Pingback: The Global Cyber Crime Marketplace « Bill Mullins' Weblog – Tech Thoughts

  14. Pingback: In The News: China’s Malware Industry Goes Commercial | Paul's Home Computing Blog