NESTA Crime Online - University of Brighton Repository

More documents

Recommendations

Info

1.5 Global distribution of cybercrime Cybercrime is a global industry but the combination of poor economic opportunities and high skills is driving many developing regions to surface as major players in cybercrime. Cybercrime has experienced a higher degree of globalisation 77 perhaps due to its ability to gravitate to permissive environments – countries with minimal legal restrictions – and the nature of the technology involved. All the published evidence and our interviews strongly confirmed that cybercrime is a global issue, and international collaboration among the cybercriminals is expected to grow in the future. The global nature of the Internet facilitates participants from all locations, while law enforcement authorities struggle to unify their laws on cybercrime. The increasingly even distribution of the required skills to perpetrate cybercrimes, coupled with uneven prosecution procedures and legislations, are driving the fast global redistribution of the geographical location of cybercrime. 78 Unsurprisingly, most cybercrime attacks are currently directed to the US and the UK, since they account for a high proportion of financial traffic globally. A recent report confirmed the US as the most widely targeted country in November 2008, absorbing 53 per cent of the world’s phishing attacks. The UK was the second highest targeted country at 15 per cent, followed by Italy, Spain and Canada. 79 Figure 6 shows that the origin of phishing activities is also concentrated in a few international locations, namely the US, Southern Asia and Eastern Europe. Other locations, such as Brazil and India are also rapidly entering the global cybercrime scene. 77 Kshetri, N, (2006), “The Simple Economics of Cybercrimes”, IEEE Security and Privacy, Vol. 4, No. 1. 78 Although 34 countries initially signed the Council of Europe’s Convention on Cybercrime in November 2001 many have not, as yet, ratified the convention, including the UK. 79 RSA Anti-Fraud Command Center (November 2008): A Monthly Report from the Phishing Repository. Page 28
Figure 6: Origin and destination of phishing attacks Origin of phishing attacks Destination of phishing attacks Source: Arbor Networks (http://www.arbornetworks.com/). Each region has its own digital ecosystem – or networks – and has developed technological capabilities according to their available skills, domestic context and local vulnerabilities. These have been characterised by some reports, 80 and can be summarised as follows. (A) The United States is still the major generator of malware and according to the latest Symantec report it is still the country with the most underground servers (hosting 41 per cent of the total servers observed by Symantec from 2007 to 2008). 81 In 2006 the United States was reported as the top country in the world hosting web-based malware. However, other reports argue that this position has been overtaken by China in 2007. 82 (B) Much attention is placed on China when considering the future of cybercrime. China has more than 137 million computer users, one-quarter of whom play online games, and cybercriminals are feeding on this massive interest. Chinese hackers are currently focused on developing the Trojans that lift personal information from online 80 MacAfee, (2008), “One Internet, many worlds”, Sophos Security Threats reports (2007, 2008). 81 Symantec, (2008), “Symantec Report on the Underground Economy”, July 2007–June 2008. However, the report does not provide a total number of underground economy servers on which the study is based upon. 82 Sophos Security Threats reports (2007, 2008). Page 29
Page 1 and 2: Research report: July 2009 Crime on
Page 3 and 4: ‘official’ statistics exist yet
Page 5 and 6: Dynamic Capabilities The second com
Page 7 and 8: economics (finance, micro-, macro-)
Page 9 and 10: 2.3 Cybercrime business models 73 2
Page 11 and 12: we focus on financial cybercrime. O
Page 13 and 14: measure all other statistical outpu
Page 15 and 16: fraud. Their methodology is still b
Page 17 and 18: opportunity for online theft of cre
Page 19 and 20: However, the recent increase in fra
Page 21 and 22: penalties for those who make fraudu
Page 23 and 24: Source: Elaborated from CIFAS onlin
Page 25 and 26: The rise of online and telephone ba
Page 27: ecruitment marketplace for cybercri
Page 31 and 32: corporate blackmail, spam attacks a
Page 33 and 34: Nigerian criminal gangs in North Am
Page 35 and 36: the fastest growing segments. Howev
Page 37 and 38: 2 Digital ecosystem Innovation stud
Page 39 and 40: A digital business ecosystem is one
Page 41 and 42: actors, which are increasingly dist
Page 43 and 44: Figure 8: The cybercrime value chai
Page 45 and 46: tool is used by security and networ
Page 47 and 48: writers do not necessarily know how
Page 49 and 50: conceal this. Third, the device con
Page 51 and 52: Fraud on fraudster The most recent
Page 53 and 54: and facilitated by an explosion in
Page 55 and 56: The Storm botnet case study: the su
Page 57 and 58: accelerating on a monthly basis. Wi
Page 59 and 60: improvement and the introduction of
Page 61 and 62: that employees are more concerned a
Page 63 and 64: origin or signature or a presence o
Page 65 and 66: few simple words and a web link, wh
Page 67 and 68: web 2.0 sites (such as, social netw
Page 69 and 70: Source: John Leyden, “Trojan traw
Page 71 and 72: Cybercriminals find e-gold a conven
Page 73 and 74: ecosystem at various levels, creati
Page 75 and 76: expertise they need to perpetrate o
Page 77 and 78: are often offered for bulk purchase
Page 79 and 80:
Crimeware-as-a-Service (CaaS): Para
Page 81 and 82:
no dominant force. Unlike tradition
Page 83 and 84:
is taken, priority is understandabl
Page 85 and 86:
particularly good one, since consta
Page 87 and 88:
outreach needs to be evaluated to e
Page 89 and 90:
some of these firms may have adopte
Page 91 and 92:
esilience must now surely be of con
Page 93 and 94:
7) Click fraud: also called pay-per
Page 95 and 96:
20) Pharming: is a scamming practic
Page 97:
Acknowledgements Numerous people as
show all

NESTA Crime Online - University of Brighton Repository

Create successful ePaper yourself

Delete template?

Save as template?