Uncovering the truth of cybercrime
20 April 2018 |
A major study published today details how $1.5 trillion in cyber-crime profits are being acquired, laundered, spent and reinvested.
Conducted by Dr Mike McGuire, senior lecturer in Criminology at Surrey University, a major independent academic study into cyber-crime highlights how it has become a booming economy, and exposes cyber-criminal links to drug production, human trafficking and even terrorism.
The report is based on briefings and data from a large number of organisations including the UK Home Office, the UK's GCHQ, the FBI, Europol, and global financial institutions. There are also interviews with convicted criminals and covert security workers who have infiltrated the dark web and apprehended cyber-criminals.
The report aims to examine cyber-crime revenues to gain a true picture of the extent and nature of cyber-crime, as a way of helping the cyber-security industry and law enforcement identify opportunities to disrupt cyber-criminal revenues and prevent social harm.
Also of interest: UK failing to keep up
How cyber-criminals generate funds
Cybercriminals are employing a variety of means to generate large revenues that rival the GDP output of much of the world’s economies. The use of ransomware, crime-as-a-service, data theft, illicit online marketplaces and trade secret/IP theft are helping cyber-criminals generate huge revenues with relative ease.
Overall cyber-crime revenues worldwide total at least $1.5 trillion – equal to the GDP of Russia. In fact, if cyber-crime was a country it would have the 13th highest GDP in the world. This $1.5 trillion figure includes:
- $860 billion – Illicit/illegal online markets
- $500 billion – Theft of trade secrets/IP
- $160 billion – Data trading
- $1.6 billion – Crimeware-as-a-Service
- $1 billion – Ransomware
Dr McGuire's study describes how cyber-crime revenue generation takes place at a number of levels – from large ‘multi-nationals’ to smaller ‘SMEs’. Profits vary with the size of the criminal enterprise: the larger corporates can expect to be making profits totalling over $1bn annually but even small organisations can expect to see profits of $30-$50,000 annually.
Cyber-criminals are mirroring legitimate businesses organisations and emulating ‘platform capitalism’. There are large organisations in the burgeoning cyber-crime economy that very closely match the structures and business plans of companies like Uber, AirBnB, Facebook, Twitter and WhatsApp.
These platform owners are acting more like service providers than criminals. For instance they often have ratings and reviews, translation services, help desks and even money-back guarantees. As with legitimate business, cyber-criminals clearly understand the importance of a good customer experience.
There is also a shift from those who commit crime to those who enable others to commit crime and who profit from the activities of these criminals. Prices for these types of services vary: the report gives some typical prices for "cyber-crime as a service":
- Zero-day Adobe exploits, up to $30,000
- Zero-day iOS exploit, $250,000
- Malware exploit kit, $200-$600 per exploit
- Blackhole exploit kit, $700 for a month’s leasing, or $1,500 for a year
- Custom spyware, $200
- SMS spoofing service, $20 per month
- Hacker for hire, around $200 for a “small” hack
Interestingly, while an individual hacker might only "earn" $30,000 pa, the manager of a cyber-crime service could easily generate $2 million in revenue for their organisation.
“This new cyber-crime economy has created new digital businesses, making it even easier to conduct cyber attacks,” said Gregory Webb, CEO of Bromium. “The walls between the criminal and legitimate worlds are blurring, and we are no longer simply dealing with ‘hackers in hoodies.’ We have to understand and tackle the underlying economic ecosystem that enables, funds and supports criminal activity on a global scale to stem the tide and better protect ourselves. By better understanding the systems that support cyber-crime, the security community can better understand how to disrupt and stop them. New approaches to cyber security will be required.”
Also of interest: Ransomware-as-a -service
Crime fuels crime
The proceeds of cyber-crime fuels other crimes like terrorism and human trafficking. This is similar to the way that a legitimate business reinvests profits to expand while also contributing towards core philanthropic values.
But in the case of cyber crime, criminals are reinvesting their money to grow their own business, but also promoting other types of crime that they may be able to profit from. Worryingly, cyber-criminals were found to be reinvesting 20% of their revenues into further crime, which suggests up to $300 billion is being used to fund future cyber-crime and other serious types of crime – including drug manufacturing, human trafficking or terrorism.
Terrorism, human trafficking, drugs manufacturing and firearms trading have all been beneficiaries of the growing success of cyber-crime. “One British-born follower of Al Qaeda, who provided technical assistance to the terror group in relation to uploading videos, quickly realized that his technical skills could also be used to commit cybercrimes,” McGuire explains. “He began to acquire stolen credit card numbers through transactions on online forums, such as Cardplanet, gathering over 37,000 separate card data files and generating more than $3.5 million in revenues.”
The"Web of profit" report was commissioned by Bromium®, Inc., a pioneer and leader in virtualization-based endpoint security that stops advanced malware attacks via application isolation. The full report is available here (registration required).
Photo courtesy of iStockPhoto.co.uk, copyright BrianAJackson.
Dr. Michael McGuire joined the Department as Senior Lecturer in Criminology at Surrey University, UK, in September 2012. Dr. McGuire read Philosophy and Scientific method at the London School of Economics where he acquired a first-class BSc Econ. He completed his Ph.D., at Kings College London. He has subsequently developed an international profile in the study of technology and the justice system and has published widely in these areas. You can contact him at: email@example.com
Latest posts by Jeremy Swinfen Green (see all)
- Book extract: Keeping data secure outside the office - 26th July 2018
- Book extract: Where does the human cyber security threat lie? - 17th July 2018
- Taking a social lens to the cryptocurrency community - 11th July 2018
- Cyber breaches: are millennials to blame? - 28th June 2018
- Ben Desjardins, VP product strategy at RSA, on: Quantifying cyber risks - 21st June 2018