Cyber Criminals Have Ingenious Money Laundering Methods

Uploaded on 2018-04-13 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

Cyber criminals are using a combination of new cryptocurrencies, gaming currencies and micro-payments to launder up to $200bn in ill-gotten gains, research has revealed.

Cyber criminals are responsible for up to 10% of the total illegal profits being laundered globally, which UN figures indicate equates to about $200bn a year, a study shows.

To achieve this, they are using a combination of crypto-currencies such as Monero, gaming currencies and micropayments, according to a study commissioned by virtualisation-based security firm Bromium.

The findings on cyber-criminal money-laundering and cashing-out methods are part of a study into the macro economics of cyber-crime and how the various elements link together which has been led by Michael McGuire, senior lecturer in criminology at Surrey University.

“This is the first time the financial flows of cyber criminals have been put together into a composite picture,” said McGuire, who will present the full findings of the nine-month Web of profit study at the RSA Conference in San Francisco from 17-19 in April.

“Law enforcement and cyber security professionals can use the study to understand how revenue generation is feeding into laundering, and how laundering is feeding into more traditional methods of money-laundering and the way cyber criminals are spending their money, so that they look at the intersections between the various networks more carefully,” he told Computer Weekly.

The study, which draws from first-hand interviews with convicted cyber criminals, data from international law enforcement agencies, financial institutions and covert observations conducted across the dark web, found that although crypto-currencies have become the primary tool used by cyber criminals for money laundering, cyber criminals are moving away from bitcoin to crypto-currencies such as Monero, which provide greater anonymity.

But cyber criminals are not using any one form of digital currency to move their illicit funds around, they are also using micro-payments and gaming currencies.

This is done by converting stolen funds into game currencies or in-game items such as gold, which are then converted into bitcoin or other electronic formats. Games such as Minecraft, FIFA, World of Warcraft and GTA 5 are among the most popular options because they allow covert interactions with other players that enable trade of currency and goods.

“Gaming currencies and items that can be easily converted and moved across borders offer an attractive prospect to cyber criminals,” said McGuire.

“This trend appears to be particularly prevalent in countries like South Korea and China, with South Korean police arresting a gang transferring $38m laundered in Korean games, back to China. The advice on how to do this is readily available online and explains how cyber criminals can launder proceeds through both in-game currencies and goods.”

Covert data collection in online forums and interviews with experts and cyber criminals indicate that about 10% of cyber criminals are using PayPal to launder money. A further 35% use other digital payment systems, including Skrill, Dwoll, Zoom and mobile payment systems such as M-Pesa.

Methods such as “micro laundering”, where thousands of small electronic payments are made through platforms such as PayPal to avoid triggering alerts, are increasingly common and more difficult to detect. Another common technique is to use online transactions via sites such as eBay to facilitate the laundering.

“The growing use of digital payment systems by cyber criminals is creating significant problems for the global financial system,” said McGuire.

“Revenues that previously would have flowed within proven and well-established banking systems and could be traced are now outside of its jurisdiction. Digital payment systems are most effective when combined with other digital resources, such as virtual currencies and online banking. This hides the money trail and confuses law enforcement and financial regulators.”

Bromium CEO Gregory Webb said his company commissioned the research to inform a meaningful conversation about how to disrupt the economic systems and poor security practices that enable and support cyber-crime.

“It is still too easy for cyber criminals to infect machines, steal data and hold businesses and individuals to ransom, because enterprise defences are not fit for purpose,” he said, adding that protecting applications that access sensitive data is an absolute requirement.

“It is equally easy for cyber criminals to convert ill-gotten electronic funds it into cash – and the rise in use of unregulated, virtual currencies is making this even easier,” said Webb.

“We need to attack the problem in a different way. Law enforcement, the cyber security industry and organisations themselves need to take responsibility for their role in disrupting cyber-crime.”

Property purchases

Many cyber criminals are using virtual currency to make property purchases which convert illegal proceeds into legitimate cash and assets, the study found.

Websites such as Bitcoin Real Estate offer a wide range of property investments that can be made using crypto-currencies, but unlike cash purchases which are subject to regulation and scrutiny, properties bought with crypto-currency are not as closely scrutinised because cryptocurrencies are not regulated by any central banks or governments.

About a quarter of all property sales are predicted to be in crypto-currency within the next few years, but this has raised concerns among financial analysts that allowing swifter, more covert transactions, many with criminal connections, will disrupt global property markets.

However, the report highlights that law enforcement agencies are monitoring bitcoin, causing many cyber criminals to seek alternatives. Information on bitcoin transactions can leak during web transactions, the report said, typically via web trackers or cookies. This means that connecting transactions to individuals is possible in up to 60% of bitcoin payments.

“It is therefore no surprise to see cyber criminals using virtual currency for money laundering,” said McGuire.

“The attraction is obvious. It’s digital, so is an easily convertible way of acquiring and transferring cyber-crime revenue. Anonymity is also key, with platforms like Monero designed to be truly anonymous, and tumbler or mixing services like CoinJoin that can obscure transaction origins. Targeted organisations must do more to protect their customers.”

McGuire also believes law enforcement must focus more effort and resources on the use of cryptocurrencies and digital payment systems by cyber criminals. “UK law enforcement, for example, has only a handful of specialist officers looking at this, which is shocking and astounding,” he said.

In this regard, McGuire said US law enforcement is much more advanced and has set up specialised units, which have had a fair amount of success. “In the UK, and probably elsewhere in Europe, law enforcement is not taking this area of investigation seriously enough in terms of understanding and resource allocation,” he said.

Despite the fact that politicians say repeatedly that tacking cyber-crime is a priority, McGuire said there is still not enough money allocated to doing so. “But in addition, UK law enforcement is not allocating enough officers internally to understanding and investigating crypto-currencies, and does not appreciate where it is going,” he said, adding that this has to change if the problem is to be dealt with adequately in future.

Comuterweekly:     Image: Nick Youngson

You Might Also Read:

Inside the Big Business Of Cyber Crime:

 

« How to Improve Cyber Security Awareness In Your Organisation
The Pentagon Is Busy Integrating Cyber Into Its Battle Plans »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Techmeme

Techmeme

Techmeme is an online news curation service focused on leading edge technology, including cyber security.

GovCERT.HK

GovCERT.HK

GovCERT.HK is the Government Computer Emergency Response Team for Hong Kong.

Norwegian Center for Information Security (NorSIS)

Norwegian Center for Information Security (NorSIS)

NorSIS) is an independent organization that works to increase knowledge and understanding of information security for businesses and individuals.

Rogue Wave Software

Rogue Wave Software

At Rogue Wave, our mission is to simplify your hardest problems, improve software quality and security, and shorten the time it takes to deliver value.

Tech Mahindra

Tech Mahindra

Tech Mahindra is a global leader in IT solutions, BPO, business consulting services & digital technologies.

Cyscale

Cyscale

Cyscale automates the contextual analysis of cloud misconfigurations, vulnerabilities, access, and data, to provide an accurate and actionable assessment of risk.

Cyber Police of Ukraine

Cyber Police of Ukraine

Cyber Police of Ukraine is a law enforcement agency within the the Ministry of Internal Affairs of Ukraine dedicated to combating cyber crime.

CyBOK - University of Bristol

CyBOK - University of Bristol

CyBOK is a comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector.

Eco Recycling (Ecoreco)

Eco Recycling (Ecoreco)

Eco Recycling is India's first and leading professional E-waste Management Company that has set industry benchmarks with its innovative & environment friendly disposal practices.

AU10TIX

AU10TIX

AU10TIX’s smart forensic-level ID authentication technology links physical and digital identities, meets compliance mandates, and ensures your customers know their trust and safety come first.

Iowa Cyber Hub

Iowa Cyber Hub

Iowa Cyber Hub is a cybersecurity education partnership between Iowa State University and Des Moines Area Community College.

WebOrion

WebOrion

WebOrion is an All-in-One Web Security & Performance Suite. Fortify, accelerate and monitor your website today.

Belcan

Belcan

Belcan is a global supplier of engineering, manufacturing & supply chain, workforce and government IT solutions to customers in the aerospace, defense, automotive, industrial, and private sector.

Suresecure

Suresecure

Suresecure are a specialised consulting company providing Strategic IT security consulting, Managed Security Services, and Incident Response Management.

Prism Infosec

Prism Infosec

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor.

Espria

Espria

Espria is a leading independent managed service provider with expertise in Cloud, IT, Communications and Document Solutions.