Cybercrime, a dangerous and attractive lifestyle for young cyber talents

Cybercrime is a dangerous and attractive lifestyle for young cyber talents. Which are the strengths of a winning model that is hard to fight?

The Director of the European police agency Europol, Rob Wainwright, has provided illuminating details on the evolution of the cyber criminal ecosystem.

The number of cyber crimes is growing rapidly, their level of sophistication has reached levels never seen before representing a serious threat to the society.

“Top computer graduates are being lured into cybercrime” is the message passed by Mr Rob Wainwright.

Exactly like private companies and intelligence agencies, also the Organised criminal organizations are attracting the new generation of most-talented computer coders and cyber experts.

Mr Wainwright provided also a geographical connotation of cybercriminal operation, most of them are managed by criminal crews operating in eastern Europe.

“I think between us and the Americans, we think we know the majority of the kingpins who are behind, for example, the development of the malware,” Mr Rob Wainwright says.

The new criminal organizations have a flexible structure and operate on a large scale, they are able to rapidly respond to the pressure made by law enforcement and dynamically reorganize their operations.

Let consider the case of the recent Onymous operation run the Europol joint with other law enforcement worldwide against the black markets hosted on the Tor network. A few days after the seizure on the principal marketplaces the experts noticed a surge of illegal activities. According to data provided by the non-profit Digital Citizens Alliance Security, experts noticed a rapid growth of the Evolution dark market that has more than tripled the number of the new products offered, including weapons, stolen credit card data and counterfeit documents.

Cyber crime is attracting even more high skilled specialists that allow various criminal crews to arrange sophisticated scams and implement complex evasion techniques.

Rumors report that the leader of a global cybercrime syndicate has offered a Ferrari to the hacker who came up with the best scam. The boss recorded a video in a luxury car showroom and according the experts the video was made by professionals. The cyber crime presented as a brand, a luxurious lifestyle is offered to skilled hackers that in many cases work for just one hundred dollars per months.

“There are three employers out there: the police, the tech companies and the bad guys. They are all after the same style of graduates,” says Mr Wainwright. ““We do pretty well because we can pay very well. We have some Romanian cyber analysts here who are fantastic at what they do. But some of the guys that arrived with them at university took a left turn coming out of the building instead of a right turn.”

How to fight the cybercrime?

It is a game that must involve everyone, law enforcement, private companies and every individual. We must spread awareness of principal cyber threats, people must be aware of threat actors and their tactics. But is not enough, we need a law framework globally accepted to tackle the illegal activities of numerous criminal crews that operate in a space without boundaries, the cyberspace.

“Across the board in Europe, the police are really struggling to get the right guys through the doors because they can’t afford to pay the rates that criminals and the tech guys do,” says Rob Wainwright, the director of Europol. “We’re not getting the right people and there’s not enough training of existing cops.”

As explained by Mr. Wainwright, kingpins behind principal cyber criminal syndicates are protected by the lack of an official law framework that is written with the intent to persecute online crimes.

In October, the Head of Europol’s Cybercrime Centre Troels Oerting explained to the BBC’s Tech Tent that legislation needs to target a “limited” number of skilled programmers which have the skills necessary to carry out illegal activities online.

“Criminals no longer come to our countries, they commit their crimes from a distance and because of this I cannot use the normal tools to catch them. I have to work with countries I am not used to working with and that scares me a bit,” he told the BBC.

Mr Wainwright also explained the impact of the Snowden‘s revelations on the activities of law enforcement, he highlighted the difficulties to track cyber criminals due to the improvement of tech IT giant to their products and solution. Companies like Apple are developing a new generation of solution that adopt the state of the art of encryption and can protect users from law enforcement investigations.

“The internet allows for the offender online to conceal his identity in a way that makes it in some cases impossible for police to overcome,” says Mr Wainwright. “The commercial imperative has changed from the post 9/11 world when most tech firms, the airline industry and so on understood that the commercial imperative was to work as closely as possible with the authorities to prevent the next terrorist attack. “Something has changed to such a point, accelerated by the impact of Snowden, in which they understand the public’s greater concern to be threat of Big Brother snooping from the state.”

Pierluigi Paganini

(Security Affairs – Europol, cybercrime)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.