The rise of organized crime in cybersecurity
Posted by: Andy Alsop in Breaches, Commentary, Cybercrime, Links to articles, tags: Cybercrime, hackers, organized crimeA quote by Gartner analyst John Pescatore in a recent article in PC World points out a fact that is becoming more and more common and is of grave concern to security experts:
“…government-funded cyber espionage is minimal in comparison to that carried out by criminals motivated to steal information for financial gain.”
Cybercrimes are no longer fashionable pranks by teenage hackers to get their name in the paper. Cybercrime is now being driven by financial gain and in many cases is the result of organized crime. The San Jose Mercury News did an excellent three-part series called “Ghosts in the Browser” which highlighted the rise of organized crime, particularly overseas, in the cyberworld.
What makes this so scary?
When the motivation of “hacking” changes from one of glamor to one of deceit for financial gain it will produce jaw dropping results in terms of criminal activity. I heard this story through a reputable source but am unable to cite the particular circumstances (If you’ve heard this story could you please document it by posting a link to the article as a comment?). This made the hair on the back of my neck stand up when I heard it.
Last year a hacker was discovered in a well-known University medical school’s financial aid database. You might ask yourself (as I did when I heard this) - “Why would anyone want to hack into a financial aid database, particularly a database of people who are in serious debt?” Through different forensic methods it was discovered that there was an elaborate plan to garner the social security numbers of future doctors and hold those numbers for about 10 - 20 years. Why? Because Med students might be in tremendous debt now but in 10 - 20 years they will likely have high net worths. It’s then that the organized crime syndicates would begin using sophisticated methods to extract untold sums of money from bank accounts, credit accounts, etc.
These organized hackers were caught but I’d like to make this point…Much like they say about cockroaches. If you see one that means there are hundreds (if not thousands) lurking in the shadows of the walls.
Is the hair on the back of your neck standing up? Mine is.
Entries (RSS)
January 22nd, 2008 at 11:55 am - Edit
I believe it can be shown via the Russian ‘mafia’ and other organizations that Organized Cyber-Crime has been around for multiple years. The big deal is that it is profitable enough that it does not just lurk in the shadows anymore. While its hard to pin down exact numbers, the amount of money that is flowing via the illegal markets is in the multi-billion ranges for just California. World-wide it is probably larger than the GNP of many countries. And it has become so ubiquitous and in some ways easy that every corner crook wants in on the action (you do 20 years for selling $100 of crack, but 2 years for 10,000 in computer crime).
I have not heard that particular story, my only problem is that I would believe it happened quite some time ago. The information that schools, banks, credit card companies, and even places like Target/WalMart/Sears keep about people is amazing.. and if I were looking to make a long term criminal investment.. they would have been my targets for quite some time. Heck, I would expect that the current Sears ‘tracking software’ would be a prime target for getting information from people at workplaces and homes. ‘Hack’ the software, and have the personal or corporate data come to you for ‘free’.
February 10th, 2008 at 9:25 am - Edit
[...] and breaches are motivated by money. Andy weighed in on this trend with his excellent write up on the rise of organized crime in cybersecurity. I wrote about THE subject most recently in my post on the motivations of modern hackers. Danny [...]