Review of Organised Cyber Crime
Technology has given users worldwide easy access to services ranging from online banking to instantaneous communication via email or phone.
Criminals have also benefited from those same technological innovations, which give them greater access to victims and targets, enable worldwide communication, and minimize attribution. Cybercrime is an area that has flourished, as it requires few resources, no travel, and a skill set that is readily available to learn.
This has made cybercrime a serious threat to both national and international security. In 2014, McAfee estimated that the cost of global cybercrime is 0.8% of global GDP; that’s over $400 billion USD in losses to cybercrime. Furthermore, unlike in traditional criminal activity, organized cyber-criminal groups prefer to remain unknown, which makes tracking cybercrime activity incredibly difficult.
Both groups and individuals use many of the same tactics, but it is the transnational reach that many organized criminal groups had before the increased use of technology that makes this hybrid of ‘traditional’ crime (human and drug trafficking, for example) and cybercrime particularly threatening. It is important to address the threat that both organized cyber criminals and organized cyber-criminal groups pose to international security. The organized criminal groups that are very well known for their cyber activity include the Russians, African criminal groups including those in Nigeria and Ghana, and the Chinese. How they use cyberspace for criminal activity will be important to note throughout the paper, as they use different tactics and have different drivers and organizational structures.
Organised Cyber Criminals
While the main focus of this paper will be on organised criminal groups, it is important to note that individual cyber criminals are as organised, as well resourced, and as successful as many organisations.
For example, Albert Gonzalez is responsible for one of the biggest credit card frauds in history, which took place from 2005 to 2007. Over 18 months, Gonzalez stole 45.6 million credit and debit card numbers from TJX Companies Inc., which owns T.J. Maxx, Marshalls, HomeGoods, and Winners. During this time he was also responsible for the Dave & Buster’s hack, which resulted in access to 5,000 payment cards from New York. Throughout this period, Gonzalez was actually a government informant for the U.S. Secret Service, helping to put away a number of cyber criminals and hackers while launching scams and attacks of his own. In 2010, Gonzalez was convicted for the theft of over 90 million credit and debit card numbers.
Max Butler is another example of an exceptionally organized cyber criminal, having been a white hat hacker for the US Government and later a black hat hacker, acquiring over two million credit card accounts that totaled $86.4 million in fraudulent credit card charges. Both Gonzalez and Butler were driven by the “thrill” of cyber theft, and the personal gratification they received in proving they could hack into such complicated and well-protected systems. This is different from criminal organizations, which are driven by profit, rather than personal ambition or sheer boredom.
Russian Organised Cyber Crime
The Russians are some of the most successful and well-resourced organized cyber-criminal groups. This talent is due to ex-KGB spies using their skills and expertise for monetary profit, and establishing the Russian Business Network (RBN) after the Iron Curtain lifted in the 1990s. The RBN has both incredible patience and resources, allowing its members to hack information from high-ranking personnel, usually in the form of credit card and identity theft. In 2008, RBN was responsible for the RBS WorldPay scam in which they not only hacked past WorldPay’s sophisticated encryption system, but also gathered information pertaining to a number of debit cards. In twelve hours, the RBN withdrew $9 million, using fake debit cards, from over 2,100 ATMs in over 280 cities worldwide. While credit card fraud is on the decline, due to an excess supply on the black market, Russian groups are continuing to profit, finding new ways to use their cyber skills.
Pavel Vrublevsky and Igor Gusev are well known for their role in spam and Internet pharmacies, pulling off some of the largest and most notorious spamming attacks. Both Vrublevsky and Gusev profit from online pharmacies and spamming, with Vrublevsky owning ChronoPay and RX Promotion, and Gusev owning SpamIt and GlavMed. In 2003, Vrublevsky and Gusev co-founded ChronoPay, which is now run by Vrublevsky, as the two had a falling out that created intense competition and rivalry within the Russian cybercrime market. ChronoPay is best known for MacDefender, a ‘scareware’ scam that uses false security alerts to make users purchase useless and fake antivirus software. MacDefender targeted, and continues to target, millions of Mac users.
Alongside this, ChronoPay and SpamIt are used to prop up illegal online pharmacies: RX Promotion (ChronoPay) and GlavMed (SpamIt), where knock-off prescription drugs are sold to customers. Between May 2007 and June 2010, GlavMed processed over 1.5 million orders from over 800,000 consumers.[32] On top of this, both companies have repeat orders and customers accounting for between 9% – 23% (RX Promotion) and 27% – 38% (GlavMed) of overall revenue. These orders include, but are not limited to, painkillers like Oxycodone, mental health pills including Adderall, and erectile dysfunction pills, most popularly Viagra.
To run these large spam campaigns, ChronoPay and SpamIt hire botmasters, who are responsible for creating and running botnets: spam engines used for infecting PCs, Macs, and other digital devices.
In 2012, Grum became known as the largest spam botnet during a 2010 leak of the SpamIt database, which exposed Ger@ as running the Grum botnet. When in operation, Grum could send more than 18 billion emails per day, and accounted for over a third of all junk email.
Another spammer alleged to work with SpamIt was Oleg Y. Nikolaenko, dubbed “The King of Spam,” known for the Mega-D botnet, which was capable of sending over 10 billion spam messages per day, and said by the United States Justice Department to have infected more than half a million PCs, earning Nikolaenko hundreds of thousands of dollars.
The recent closing of SpamIt caused a drop in spamming numbers worldwide, but it is expected that spamming will continue in some capacity because “sending spam to everyone on the planet gets you new customers on an ongoing basis.”