Guest writer Paul E. Lubic, Jr. takes a close-up look at those who are really responsible for cybercrime – organized crime syndicates. You may find some surprises here.
In my recent article Internet: The Good, The Bad, And The Ugly, I mentioned that organized crime was responsible for much of the malware and hacking now abundant across the Internet. This article will delve into those organizations and where they’re located across the world.
It’s important to point out that the global economy and the Internet play an important part in how many cyber criminals are in business, and where they operate.
The international bestselling book The World Is Flat: A Brief History of the Twenty-First Century, by Thomas L. Friedman, analyzes globalization, primarily in the early 21st century. The title is a metaphor for viewing the world as a level playing field in terms of commerce, where all competitors have an equal opportunity.
Friedman astutely points out that because of the Internet, the personal computer, and other technological advances, businesses can provide products and services to customers across the world when heretofore the cost of doing so was prohibitive. So…what’s this got to do with global cyber crime?
The criminal element, recognizing that there was money to be made, took advantage of the “flat world” just as the legitimate businesses have. Thus, there has been an explosion of cyber (Internet) criminal activity across the world…primarily by organized crime syndicates.
But the recent development of these syndicates selling hacking tools, packaged in such a way that an inexperienced hacker can operate a “productive” criminal business, has allowed much smaller players to enter this lucrative field.
Authentication firm VeriSign recently reported that it studied 25 botnet herders across 3 online forums and found that botnets, from which hacking attacks could be launched, could be rented for an average of US$8.59 per hour. A 24-hour rental, on which several different attack vectors could be run, goes for around US$64. We’re talking about a cost similar to that of a flash drive or a box of printer ink cartridges!
Who are these syndicates?
As you might expect, they prefer to remain secret and as anonymous as possible in order to avoid detection and arrest. However, we know that they are highly organized and very complex cyber crime organizations.
In recent years they have transformed from individual operations to an organized, multi-layered network of cooperating syndicates. Some of their names are China’s Gray Pigeons and Honkers Union of China, and the largest and most successful, the Russian Business Network of the Russian Federation.
Steven Chabinsky, deputy assistant director in the U.S. Federal Bureau of Investigation’s (FBI) cyber division, recently told participants of a US government trade show that criminal hacker organizations are operating with increasing corporate-like efficiency and specialization. He listed some of the specialized roles in cyber crime organizations:
Coders, who write the exploits and malware.
Distributors, who trade and sell stolen data.
Tech experts, who maintain the criminal enterprise’s IT infrastructure.
Hackers, who search for and exploit vulnerabilities in applications, systems and networks.
Fraudsters, who woo potential victims with social engineering schemes like phishing and spam.
Hosted system providers, who offer illicit content servers.
Cashiers, who control drop accounts and provide names and accounts to other criminals for a fee.
Money mules, who complete wire transfers between bank accounts.
Tellers, who transfer and launder illicit earnings through digital currency services.
Organization leaders, who assemble the team and choose the targets.
Where do these criminal threats come from?
ThreatExpert.com reports that the worldwide distribution of threats is as follows:
Russian Federation 22%
United Kingdom 6%
United States 6%
Others 19% (Includes: Canada, India, Iran, Algeria, Egypt, Syria, Iraq, Saudi Arabia, South Korea, and Turkey).
As indicated above, China is the threat leader, and has been for some time. However, security software vendor Zscaler indicates a new threat is emerging in South America, where 7 of the top 10 countries with high saturation of malware-distributing servers were South and Central American nations.
These include Brazil, Bolivia, Peru, Argentina, Paraguay, Ecuador and Colombia. My own organization’s security logs reflect this trend with increasing numbers of attempted attacks from all these countries and more…every day.
The threats referred to in this article include: malicious mail servers, which send millions of phishing and ad-related spam emails; viruses; keylogger bot programs, which record keyboard keystrokes to collect user access IDs, passwords, and bank account numbers that are sent to the criminal controllers of the bot for use in identity theft and bank fraud; and various backdoor Trojans that allow future access by other malware.
This perfect storm of:
1. A flat world facilitating global business activity.
2. The involvement of organized crime syndicates.
3. The selling and renting of malware packages and botnets to the criminal masses
has radically increased the malware, hacking, and subsequent danger present on the Internet today.
Guest writer Paul E. Lubic, Jr. is a long-time IT professional who has held the positions of programmer, IT Security Manager and Chief Information Officer. His interests lie in the IT security area, but he writes on all categories of technology.
Paul is a mature and seasoned writer, with a rare ability to break down complex issues into an easy-to-understand format. Check him out at his Blog – Paul’s Home Computing.