Review of Organised Cyber Crime

Uploaded on 2015-06-04 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

cybercrimes-june_2010.jpg

Technology has allowed users worldwide an ease of access from online banking to instantaneous communication via email or phone.

Criminals have also benefited from those same technological innovations, giving them a greater access to victims and targets, worldwide communication, and minimizing attribution. Cybercrime is an area that has flourished, as it requires little resources, no traveling, and a skill set that is readily available to learn. 

This has made cybercrime a serious threat to both national and international security. In 2014, McAfee estimated that the cost of global cybercrime is 0.8% of global GDP; that’s over $400 billion USD in losses to cybercrime. Furthermore, unlike in traditional criminal activity, organized cyber-criminal groups prefer to remain unknown, which makes tracking cybercrime activity incredibly difficult.

Both groups and individuals use many of the same tactics, but it is the transnational reach that many organized criminal groups had before the increased use of technology that makes this hybrid of ‘traditional’ crime – human and drug trafficking for example – and cybercrime specifically threatening. It is important to address the threat that both organize cyber criminals, and organized cyber-criminal groups pose to international security. The organized criminal groups that are very well known for their cyber activity include the Russians, African criminal groups including those in Nigeria and Ghana, and the Chinese. How they use cyber space for criminal activity will be important to note throughout the paper, as they use different tactics, have different drivers, and organizational structures.

Organised Cyber Criminals

While the main focus of this paper will be on organised criminal groups, it is important to note that cyber criminals are as organised, as well resourced, and as successful as many organisations. 

For example, Albert Gonzalez is responsible for one of the biggest credit card frauds in history taking place from 2005 – 2007. Over 18 months, Gonzalez stole 45.6 million credit and debit card numbers from TJX Companies Inc., owning T.J. Maxx, Marshalls, HomeGoods, and Winners. During this time he also was responsible in the Dave & Buster’s hacking job, resulting in accessing 5,000 payment cards from New York. During this time, Gonzalez was actually a government informant for the U.S. Secret Service, helping to put away a number of cyber criminals and hackers while launching scams and attacks of his own. In 2010, Gonzalez was convicted for the theft of over 90 million credit and debit card numbers. 

Max Butler is another example of an exceptionally organized cyber-criminal having been both a white hat hacker for the US Government, and later a black hat hacker after acquiring over two million credit card accounts, totaling $86.4 million dollars in fraudulent credit card charges. Both Gonzalez and Butler were driven by the “thrill” of cyber theft, and the personal gratification they received in proving they could hack into such complicated and well-protected systems. This is different from criminal organizations, which are driven by profit, rather than personal ambition or sheer boredom.

Russian Organised Cyber Crime

The Russians are some of the most successful and well-resourced organized cyber criminals groups. This talent is due to ex-KGB spies using their skills and expertise for monetary profit, and establishing the Russian Business Network (RBN) after the Iron Curtain lifted in the 1990s. The RBN has both incredible patience and resources, allowing its members to hack information from high-ranking personnel, usually in the form of credit card and identity theft. In 2008, RBN was responsible for the RBS WorldPay scam in which they not only hacked past WorldPay’s sophisticated encryption system, but also gathered information pertaining to a number of debit cards. In twelve hours, the RBN withdrew $9 million, using fake debit cards, from over 2,100 ATMs in over 280 cities worldwide. While credit card fraud is on the decline – due to an excess supply on the black market – Russian groups are continuing to profit, finding new ways to use their cyber skills.

Pavel Vrublevsky and Igor Gusev are well known for their role in spam and Internet pharmacies, pulling off some of the largest and notorious spamming attacks. Both Vrublevsky and Gusev profit from online pharmacies and spamming, with Vrublevsky owning Chronopay and RX Promotion, and Gusev owning SpamIt and GlavMed. In 2003, Vrublevsky and Gusev co-founded ChronoPay, which is now run by Vrublevsky, as the two had a falling out that created intense competition and rivalry within the Russian cybercrime market. Chronopay is best known for MacDefender, a ‘scareware’ scam that uses false security alerts to make users purchase useless and fake antivirus software. MacDefender targeted, and continues to target, millions of Mac users. 

Alongside this, Chronopay and SpamIt are used to prop up illegal online pharmacies; RX Promotion (Chronopay) and GlavMed (SpamIt) where knock off prescription drugs are sold to customers. Between May 2007 and June 2010 GlavMed processed over 1.5 million orders from over 800,000 consumers.[32] On top of this both companies have repeat orders and customers accounting for between 9% – 23% (RX Promotion) and 27% – 38% (GlavMed) of overall revenue. These orders include, but are not limited to, painkillers like Oxycodone and mental health pills including Adderall, and erectile dysfunction pills, most popularly Viagra.

To run these large spam campaigns, Chronopay and SpamIt hire botmasters, responsible for creating and running botnets – spam engines used for infecting PCs, Macs, and other digital devices. 
In 2012, Grum, became known as the largest spam botnet during a 2010 leak of the SpamIt database, exposing Ger@ of running the Grum botnet. When in commission, Grum could send more than 18 billion emails per day, and accounted for over a third of all junk email. 

Another spammer alleged to work with SpamIt was Oleg Y. Nikolaenko, dubbed “The King of Spam,” known for the Mega-D botnet, which was capable of sending over 10 billion spam messages per day, and said by the United States Justice Department to have infected more than half a million PCs, earning Nikolaenko hundreds of thousands of dollars. 
Recent closing of SpamIt caused a drop in spamming numbers worldwide, but it is expected that spamming will continue in some capacity because “sending spam to everyone on the planet gets you new customers on an ongoing basis.”

Cyber Defense Review

« Keeping Passwords Safe From Cracking
Hackers Build New Tor Client Designed to Beat the NSA »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TZ-CERT

TZ-CERT

TZ-CERT is the National Computer Emergence Response Team of Tanzania.

Hack in the Box Security Conference (HitBSecConf)

Hack in the Box Security Conference (HitBSecConf)

HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. Our events feature two days of training and a two-day multi-track conference

National Authority Against Electronic Attacks (NAAEA) - Greece

National Authority Against Electronic Attacks (NAAEA) - Greece

The National Authority Against Electronic Attacks (NAAEA) is the national computer emergency response team of Greece.

SK IT Cyber Security

SK IT Cyber Security

SK IT provide services and solutions for cybersecurity and advanced information system engineering.

MPC Alliance

MPC Alliance

A consortium of developers and practitioners of multiparty computation (MPC), committed to accelerating market awareness and adoption of MPC to increase the security and privacy of online services.

Healthcare Fraud Shield (HCFS)

Healthcare Fraud Shield (HCFS)

The focus of Healthcare Fraud Shield is solely on healthcare fraud prevention and payment integrity with a successful approach based on many unique advantages we deliver to our clients.

TrustMAPP

TrustMAPP

TrustMAPP automates cybersecurity & privacy assessments, with universal workflow, allowing teams to generate analytics and recommendations to align priorities for improvement.

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

CMMC COE is an IT-AAC sponsored public–private partnership that will be the focal point for entities seeking to achieve Cybersecurity Maturity Model Certification.

Airtel Secure

Airtel Secure

Airtel Secure’s multi-layered, full service cybersecurity offerings are designed to safeguard enterprises against threats of various kinds and origins.

Intigriti

Intigriti

Intigriti helps companies protect themselves from cybercrime. Our community of ethical hackers provides continuous, realistic security testing to protect our customer’s assets and brand.

Memcyco

Memcyco

Memcyco is a provider of cutting-edge digital trust technologies to empower brands in combating online brand impersonation fraud, and preventing fraud damages to businesses and their clients.

Infima Cybersecurity

Infima Cybersecurity

INFIMA tackle the hard parts of managing your Security Awareness Training program so you can focus elsewhere.

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.

AKIPS

AKIPS

AKIPS develops the world's most scalable network and infrastructure monitoring software, delivered as a turn-key software appliance.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.

Advanced IT

Advanced IT

Reliable managed IT Security & support services that will help you take your business operations to the next level without breaking the bank!