Cyber crime is like the ocean. It's a darker world, and is full of fish. Some bigger, some smaller, but it has evolved so that the whole system works.
This is according to Stefan Tanase, senior security researcher, Global Research and Analysis at Kaspersky Lab, speaking during the security giant's Security Analyst Summit META in Budapest this morning.
He discussed the various players in then cyber crime ecosystem. "The days in which cyber crime was a one-man business are over. One man can't do everything needed to run a profitable business. In cyber crime, you have individuals who write the code, some who use the code to carry out the attacks, others run the financial side of the 'business'. Then, of course, you have the brains of the operation, who figure out how to collect, transport, and launder the money."
The coders are very skilled technically, he added. "Many come from Eastern Europe, in my opinion, this is because in these countries, the educational system is highly developed and these places offer a good technical education.
"At the same time, these individuals don't have the opportunity to use these skills for good as there are not enough jobs. Often these people don't go to jail as they don't actually use the tools themselves, much in the same way the gun manufacturer doesn't go to jail, but the shooter does.
"Cyber criminals are more interesting," added Tanase. "These individuals are not necessarily technically skilled, but are very street smart. They are good businessmen and can connect the dots. They buy the code and put it all together to launch the attacks, and they understand how to monetise the attacks."
Next are the victims, who are the ones who actually lose the money. He says cyber crooks use these people as scapegoats. Cyber criminals will use their Internet connections and IP addresses to obfuscate their identities, and once the police swoop in, for reveal that they didn't actually launch the attacks at all.
There is also a retail underground, for once the infection has occurred. "All malware likes to collect information, whether financial logins, credit card details or similar. Criminals take this data and put in in online stores to exchange information with each other. Everything has a price, and a credit card number, social security number or Gmail account can be purchased in these places."
Next, cyber criminals have to deal with the money side of things. "Smart cyber crooks use intermediaries."
He said the Internet is littered with notices advertising jobs where users can work from home and still earn way more than a regular job. "These seem to be too good to be true, because they are. Cyber criminals trick people into thinking they have a job, such as managing accounting for a medium company, but in reality it's not the case. At first they would simply move money from one account to another and keep a commission.
However, they are being used to launder money. This is where the crime moves from cyber space to the physical."
Then come the intermediaries, he added. "When you're in the underground network, how can you trust each other? Some turn a profit by acting as an intermediary between to criminal parties. Making exchanges and doing verifications and suchlike."
Finally, he said we see the e-currency, such as Bitcoin, financial layer support, also used to launder money and hide financial trails."
Tanase says the bottom line is that cyber crime is growing because it can be committed by anyone, from any location.
"When big guys get arrested they are usually found to be living lives of luxury. It's a lucrative endeavour for many. There are two ways to make money, either by stealing money directly from the user such as credit card details or banking logins, or using the user's resources - computer, connection or similar - to provide services to other cyber criminals."
Essentially it's 21st century pickpocketing, except they use botnets instead of hands to steal little bits from many users, he concludes.
Share