NESTA Crime Online - University of Brighton Repository

More documents

Recommendations

Info

video games. 83 However, the activities and level of organisation of Chinese hackers transcends the online game industry. A 2009 report provided compelling evidence and detail of the efforts of a network of Chinese hackers – which researchers have called GhostNet – that uses a malicious software programme to steal sensitive documents, control web cams and completely control infected computers. Investigations have disclosed 1,295 hacked computers in 103 countries belonging to international institutions. The report says "GhostNet represents a network of compromised computers resident in high-value political, economic and media locations spread across numerous countries worldwide." 84 There are also concerns that Chinese groups are becoming adept at applying ransomware. 85 Of particular concern is where ‘Denial of Service’ (DoS) attacks are beginning to target government agencies beyond China and thereby developing the potential to use these means as a weapon of war. There are very strong suspicions that these efforts at the very least are sanctioned or involve the state. 86 (C) Russia has traditionally been considered the original home of cybercrime, where high technical skills combine with a stumbling economy and a long tradition of organised crime. 87 Russian programmers are believed to be behind the most widely used malware- making toolkits such as Mpack and WebAttacker. Dubbed ‘the mother of cybercrime’, the Russian Business Network (RBN) has been linked by security firms to child pornography, 83 Kaspersky, “Security Trends 2008”. This subject has also been reported by vnunet.com, “Identity theft feeds $1 bn gaming black market”, February 21 2006. 84 Information Warfar Monitor (2009) “Tracking GhostNet: Investigating a Cyber Espionage Network”. 85 Malicious software which hijacks a personal computer and locks files until a ransom is paid. The first known case in the UK was in mid-1996 when a nurse from Rochdale found her computer files locked and was notified that she would have to pay to access a password to have them unlocked (presumably by credit card). Chapman, M., (1 st June 2006), Ransomware hijacks nurse’s PC, vnunet.com, http://msn.vnunet.com/vnunet/news/2157359/ransomeware-hijacks-nurse-pc, accessed 3 rd December 2008. 86 Greenemeier, L., (18 th September 2007), China’s Cyber Attacks Signal New Battlefield in Online, Scientific American, http://www.sciam.com/article.cfm?id=chinas-Cyber-attacks-sign, accessed 4 th December 2008. 87 In 1993, after the European Council invited Estonia, Latvia and Lithuania to apply for EU accession, the Baltic States implemented an intensive period of national and cultural reconstruction following years of encroachment from Russia, especially the penetration of Russian organised crime groups. At the centre of this purge was an attempt to stem the incursion of non-indigenous criminal influence on public-sector employers. It would seem that very early on in the evolution of the Internet, Russian organised crime became aware of its potential. After the collapse of the Soviet Union, the nascent Russian Business Network (RBN) is thought to have taken a keen interest in the IT skills that existed in the Baltic States. It also took a similar interest in the underemployed IT experts in the former Soviet Union’s military, many of whom remained unpaid for months on end. Page 30
corporate blackmail, spam attacks and online identity theft, although most Russian cybercrime is directed to financial fraud, particularly through botnets (collections of compromised computers) and phishing. 88 Although its activities online have often been highly visible, relatively little is known about who is (or was) behind the RBN. 89 Figure 7 Source: elaborated from Sophos Security Threats reports (2007, 2008). The RBN is widely thought to have shut down or relocated in 2007. However, this does not seem to have left a void in the fast emerging world of malware designed to harvest financial information. There have been reported cases where banking authentication 90, 91 information data has been sent to a series of sites belonging to a Chinese network. 88 Rhys Blakely, Jonathan Richards and Tony Halpin, Cybergang raises fear of new crime wave in Moscow, Timesonline.com, 10 th November 2007. 89 Symantec, (2008), “Symantec Report on the Underground Economy”, July 07–June 08. 90 The sums, usually around $50,000, are also small enough not to interest law enforcement agencies to any great extent. Page 31
Page 1 and 2: Research report: July 2009 Crime on
Page 3 and 4: ‘official’ statistics exist yet
Page 5 and 6: Dynamic Capabilities The second com
Page 7 and 8: economics (finance, micro-, macro-)
Page 9 and 10: 2.3 Cybercrime business models 73 2
Page 11 and 12: we focus on financial cybercrime. O
Page 13 and 14: measure all other statistical outpu
Page 15 and 16: fraud. Their methodology is still b
Page 17 and 18: opportunity for online theft of cre
Page 19 and 20: However, the recent increase in fra
Page 21 and 22: penalties for those who make fraudu
Page 23 and 24: Source: Elaborated from CIFAS onlin
Page 25 and 26: The rise of online and telephone ba
Page 27 and 28: ecruitment marketplace for cybercri
Page 29: Figure 6: Origin and destination of
Page 33 and 34: Nigerian criminal gangs in North Am
Page 35 and 36: the fastest growing segments. Howev
Page 37 and 38: 2 Digital ecosystem Innovation stud
Page 39 and 40: A digital business ecosystem is one
Page 41 and 42: actors, which are increasingly dist
Page 43 and 44: Figure 8: The cybercrime value chai
Page 45 and 46: tool is used by security and networ
Page 47 and 48: writers do not necessarily know how
Page 49 and 50: conceal this. Third, the device con
Page 51 and 52: Fraud on fraudster The most recent
Page 53 and 54: and facilitated by an explosion in
Page 55 and 56: The Storm botnet case study: the su
Page 57 and 58: accelerating on a monthly basis. Wi
Page 59 and 60: improvement and the introduction of
Page 61 and 62: that employees are more concerned a
Page 63 and 64: origin or signature or a presence o
Page 65 and 66: few simple words and a web link, wh
Page 67 and 68: web 2.0 sites (such as, social netw
Page 69 and 70: Source: John Leyden, “Trojan traw
Page 71 and 72: Cybercriminals find e-gold a conven
Page 73 and 74: ecosystem at various levels, creati
Page 75 and 76: expertise they need to perpetrate o
Page 77 and 78: are often offered for bulk purchase
Page 79 and 80: Crimeware-as-a-Service (CaaS): Para
Page 81 and 82:
no dominant force. Unlike tradition
Page 83 and 84:
is taken, priority is understandabl
Page 85 and 86:
particularly good one, since consta
Page 87 and 88:
outreach needs to be evaluated to e
Page 89 and 90:
some of these firms may have adopte
Page 91 and 92:
esilience must now surely be of con
Page 93 and 94:
7) Click fraud: also called pay-per
Page 95 and 96:
20) Pharming: is a scamming practic
Page 97:
Acknowledgements Numerous people as
show all

NESTA Crime Online - University of Brighton Repository

Create successful ePaper yourself

Delete template?

Save as template?