Behind many of the large-scale cyberattacks is an increasingly sophisticated crime syndicate. Here's a look into the dark enterprise.
Jun 26th, 2014
Over the past few months, there have been numerous reports and discussions about data breaches and cybercrime. People generally understand that these incidents can cost businesses millions of dollars and cause individuals a great deal of inconvenience and financial strain as their identities and resources are captured by someone else with bad intentions. Industry leaders have debated the best approach for security file sharing solutions, general network protection, and user education. But very little is widely understood about what happens to the information after it's exposed.
Who's leading these attacks and what are they doing with the data?
A Ferrari for your data?
The Independent reported that a cybercrime syndicate leader recently laid out a deal for hackers working with him: Whoever developed the best scam would receive a Ferrari as a prize. This offer, which was released on a "professionally produced video hidden in the dark recesses of the Internet," according to the source, was described by the head of the European Cybercrime Center (EC3), Troels Oerting.
The sophisticated advertisement is indicative of how much underground cybercrime networks have developed: They will go to great lengths to recruit and motivate top talent, much as leading organizations strive to boost employee engagement. In addition to skilled programmers online, the syndicates have also refined their ability to stay under the radar of police detection. Part of the difficultly for law enforcement agencies is that the criminals are taking advantage of international opportunities and countries with less advanced public service infrastructures.
"They are very, very good at locating themselves in jurisdictions that are difficult for us," said Oerting, according to the source. "The police ability stops at the border. We are also seeing signs of movement to African countries when the broadband is getting bigger. We will probably see more from places we don't want to engage with."
For now, much of the activity has been traced to Russia and other Eastern European countries. For example, a Russian man named Evgeniy Bogachev was recently charged with being involved in a massive malbot operation that is thought to have taken hundreds of millions of dollars. It took international cooperation to gain control over the command centers.
What do they do with the goods?
Clearly, there's incentive for cyberattacks and organized criminal networks to support the activities. But what happens to the information? Some of the data is initially re-sold on the black market. InformationWeek explained that a recent report by RAND Corporation detailed the state of the cybercrime black market. Thieves are selling their booty online and utilizing "darkets" and encryption to shield their transactions from detection.
"The black market can be more profitable than the illegal drug trade," the report explained, according to the news source, "with the difference that digital goods carry less risk."
Of course, thieves will be thieves: They're also ripping each other off by selling outdated or invalid information, the study found. However, the data can ultimately be used to steal identities, utilize credit cards, or tap into other accounts and resources. With the massive volume of stolen credentials growing, it's possible for these tech-savvy miscreants to consolidate data about people from multiple sources to more accurately exploit their victims' assets.