The cybercrime ecosystem, resources,motivations and methods

Pierluigi Paganini July 03, 2013

Information provided by the results of principal researches on the cybercrime reveals resources,motivations and methods and cost illegal operations.

Fortinet has published early 2013 the Fortinet’s 2013 cybercrime report, an interesting study on cybercriminal ecosystem, identifying the operations, the motivations, the methods, the resource used and countermeasure adoptable to mitigate the cyber threats

As demonstrated by various researchers conducted by principal security firm’s cybercrime industry operates exactly as legitimate businesses working in a global industry. What is very concerning is the capabilities of criminal organizations to quickly react to new business opportunities demonstrating a high level of motivation, very common is the habit to recruit skilled professionals or rent specialist services to arrange illegal activities.

Criminal organizations have different motivations for their operations, they could adopt a direct method of monetization earning with frauds and illegal activities such as cyber espionage or estorsions, or they can decide to monetize the providing of illegal services such as the renting of botnets or customization of malicious code.

Cybercrime has no specific Geo localization, it operates on a global scale in the cyber space exploiting different law framework adopted by various governments that make cybercrime relatively risk free compared with traditional crimes.

In too many countries cyber laws are very poor,  the level of enforcement is low exactly such as monitoring of criminal ecosystem, this advantage the growth cybercriminals organizations.

cybercrime global business

Cybercrime often goes unpunished ,it is very profitable and contrary to what we can think the providing of criminal services in the model dubbed Crime-as-a-Service allows also to ordinary crime without technological background to become part of “cybercriminal business”.

Being a cybercriminal allows to gain handsome profits especially in countries where per capita income is extremely low. Cybercrime pays, it’s very common to find advertising looking to recruit cyber specialists (e.g. botmaster, malware engineers) promising amount of money between $2,000 and $5,000 a month.

This amount of money is very attractive if we consider the monthly earns for these categories of professionals located in Eastern Europe, especially in countries such as Russia and Moldova.

“Banner ads looking to recruit malware engineers give a rate of between $2,000 and $5,000 a month. This is quite alluring when you consider a sampling of national minimum annual wages in 2012: Estonia, $4,923; Brazil, $4,172; Russia, $1,794; and Moldova, $595.”

Recently the Dark Reading published an interesting report titled How Cybercriminals Operate, edited by security author Michael Cobb, that provides a useful overview on cybercrime and its economic impact.

Which are the costs related to annual damage from cybercrime?

Ponemon Institute publishes an annual study on the economic impact of cybercrime, the ranking of the costs related to annual damage for cybercrime for countries in 2011 is led by US firms with $8.9 million, followed by German companies at $6 million and U.K. firms third at $5.2 million with sensible differences for costs repartition between for example detecting activities and recovery.

 cybercrime costs Ponemon

Which is the cost for principal services provided by criminal organizations?

Fortinet tried to provide a price-list for the principal services offered in the underground, an information that could give us an idea of the ability of cybercrime to respond to demand on the black market , following the examples of crime services and corresponding rates (USD):

Cybercrime price list

“And the ROI is astonishing: One network of hackers from countries including Estonia, Russia and Moldova reportedly defeated the encryption used by an RBS WorldPay computer network. The hackers and their associates withdrew more than $9.4 million from more than 2,100 ATMs across at least 280 cities around the world in less than 12 hours. This type of operation requires an incredible amount of preparation and organization.” the Dark Reading Report states. 

The reports mentioned demonstrated the increasing of the cost of cybercrime suffered by businesses and organizations to prevent and mitigate the effects of cyber attacks.

Despite the awareness of cyber threat and the increase of the expense in cyber security, private business and organizations are still vulnerable to the growing menace of cyber crime.

The way to mitigate the cyber threats passes through an active collaboration on a global scale of law enforcement, governments, CERT Groups and private businesses.

Cybercrime is a mutable enemy difficult to fight!

Pierluigi Paganini

(Security Affairs – Cybercrime)

you might also like

leave a comment