The cybercrime ecosystem, resources,motivations and methods

Information provided by the results of principal researches on the cybercrime reveals resources,motivations and methods and cost illegal operations.

Fortinet has published early 2013 the Fortinet’s 2013 cybercrime report, an interesting study on cybercriminal ecosystem, identifying the operations, the motivations, the methods, the resource used and countermeasure adoptable to mitigate the cyber threats

As demonstrated by various researchers conducted by principal security firm’s cybercrime industry operates exactly as legitimate businesses working in a global industry. What is very concerning is the capabilities of criminal organizations to quickly react to new business opportunities demonstrating a high level of motivation, very common is the habit to recruit skilled professionals or rent specialist services to arrange illegal activities.

Criminal organizations have different motivations for their operations, they could adopt a direct method of monetization earning with frauds and illegal activities such as cyber espionage or estorsions, or they can decide to monetize the providing of illegal services such as the renting of botnets or customization of malicious code.

Cybercrime has no specific Geo localization, it operates on a global scale in the cyber space exploiting different law framework adopted by various governments that make cybercrime relatively risk free compared with traditional crimes.

In too many countries cyber laws are very poor, the level of enforcement is low exactly such as monitoring of criminal ecosystem, this advantage the growth cybercriminals organizations.

Cybercrime often goes unpunished ,it is very profitable and contrary to what we can think the providing of criminal services in the model dubbed Crime-as-a-Service allows also to ordinary crime without technological background to become part of “cybercriminal business”.

Being a cybercriminal allows to gain handsome profits especially in countries where per capita income is extremely low. Cybercrime pays, it’s very common to find advertising looking to recruit cyber specialists (e.g. botmaster, malware engineers) promising amount of money between $2,000 and $5,000 a month.

This amount of money is very attractive if we consider the monthly earns for these categories of professionals located in Eastern Europe, especially in countries such as Russia and Moldova.

“Banner ads looking to recruit malware engineers give a rate of between $2,000 and $5,000 a month. This is quite alluring when you consider a sampling of national minimum annual wages in 2012: Estonia, $4,923; Brazil, $4,172; Russia, $1,794; and Moldova, $595.”

Recently the Dark Reading published an interesting report titled How Cybercriminals Operate, edited by security author Michael Cobb, that provides a useful overview on cybercrime and its economic impact.

Which are the costs related to annual damage from cybercrime?

Ponemon Institute publishes an annual study on the economic impact of cybercrime, the ranking of the costs related to annual damage for cybercrime for countries in 2011 is led by US firms with $8.9 million, followed by German companies at $6 million and U.K. firms third at $5.2 million with sensible differences for costs repartition between for example detecting activities and recovery.

Which is the cost for principal services provided by criminal organizations?

Fortinet tried to provide a price-list for the principal services offered in the u nderground, an information that could give us an idea of the ability of cybercrime to respond to demand on the black market , following the examples of crime services and corresponding rates (USD):

“And the ROI is astonishing: One network of hackers from countries including Estonia, Russia and Moldova reportedly defeated the encryption used by an RBS WorldPay computer network. The hackers and their associates withdrew more than $9.4 million from more than 2,100 ATMs across at least 280 cities around the world in less than 12 hours. This type of operation requires an incredible amount of preparation and organization.” the Dark Reading Report states.

The reports mentioned demonstrated the increasing of the cost of cybercrime suffered by businesses and organizations to prevent and mitigate the effects of cyber attacks.

Despite the awareness of cyber threat and the increase of the expense in cyber security, private business and organizations are still vulnerable to the growing menace of cyber crime.

The way to mitigate the cyber threats passes through an active collaboration on a global scale of law enforcement, governments, CERT Groups and private businesses.

Cybercrime is a mutable enemy difficult to fight!

Pierluigi Paganini

(Security Affairs – Cybercrime)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.