Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

6/1/2018
10:30 AM
Marc Wilczek
Marc Wilczek
Commentary
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail vvv
100%
0%

Cybercrime Is Skyrocketing as the World Goes Digital

If cybercrime were a country, it would have the 13th highest GDP in the world.

Worldwide, cybercriminals rake in at least $1.5 trillion every year — an amount equal to Russia's gross domestic product (GDP), according to research by Dr. Michael McGuire, senior lecturer in criminology at Surrey University and commissioned by security firm Bromium. In fact, if cybercrime were a country, it would have the 13th highest GDP in the world. McGuire's revenue figure includes estimated earnings of $860 billion from illicit or illegal online markets, $500 billion from intellectual property theft, $160 billion from data trading, $1.6 billion from crimeware-as-a-service, and $1 billion from ransomware. The research presents evidence that cybercrime revenues often exceed those of legitimate small to midrange companies.

In fact, the global crime economy has become a self-perpetuating organism — an interlinked web of profit where the boundary between the legitimate and illegitimate is often unclear. The McGuire report notes the emergence of platform criminality, which is similar to the business model used by companies like Uber and Amazon and whose stock in trade is data. The report also red-flags new modes of criminality that these platforms enable, and they allow illicit monies to be directed to more widespread criminal activities such as human trafficking, drug production and distribution, and even terrorism.

The World Goes Digital, and so Does Crime
Cybercrime is now a profitable underground economy. The fabled "darknet" provides the platform for transactions, the place where demand meets supply. The evolving cybercrime-as-a-service model offers everything from distributed denial-of-service attacks and malware to shiploads of stolen data sets on demand. Today, engaging in cybercrime is as simple as legitimate e-commerce.

Meanwhile, and making matters worse, the dependency on the availability and performance of IT infrastructure among legitimate enterprises is increasing heavily, which makes them more vulnerable to breaches that can wreak havoc on business. A few errant clicks by a clueless or malicious employee can take an organization offline or flood it with malware.

For those who know how, it is relatively simple to access the tools, services, and expertise of the cybercriminal. As a result, it's certain that both enterprises and governments will see more sophisticated, costly, and disruptive attacks — and that the problem won't be solved with old thinking or legacy technology. It will require fresh, more intelligent, and nimble approaches.

Platform Criminality Is Emerging
Interestingly, McGuire's report describes a growing interconnectedness and interdependence between the illegitimate and legitimate economies, something he calls the "Web of Profit." He contends that "companies and nation states now make money from this Web of Profit. They also acquire data and competitive advantages from it, and use it as a tool for strategy, global advancement and social control."

He continues: "There is a range of ways in which many leading and respectable online platforms are now implicated in enabling or supporting crime, albeit unwittingly, in most cases."

The emergence of platform criminality — which mimics the platform capitalism typified by companies like Amazon, Facebook, and Uber — offers fertile ground for hackers to further increase their ill-gotten gains. The report raises concerns that platform criminality is funding broader criminal activities such as human trafficking, drug production and distribution, and even terrorism.

According to the report, whether it's through hacking companies to steal users or personal data, distribute malware, flog illegal goods and services, establish fake shopfronts to launder money, or simply connect buyers and sellers, cybercriminals are clearly adept at leveraging existing platforms for commercial gain.

"This is creating a kind of 'monstrous double' of the legitimate information economy — where data is king," writes McGuire. "The Web of Profit is not just feeding off the way wealth is generated there, it is reproducing and, in some cases, outperforming it."

Post-Crime Reality and Terrorism
"We can clearly link cybercrime to the spread of new psychoactive substances with over 620 new synthetic drug types on the market since 2005," adds McGuire. "Many substances of this kind are manufactured in China or India, purchased via online markets, then shipped in bulk to Europe. But there is also evidence that groups who acquire revenues from cybercrime are involved in the active production of drugs."

The report shows that cybercriminal platform owners are likely to receive the biggest benefits from this new wave of cybercrime, and that they will probably distance themselves from the actual crimes. In fact, individual hackers may only earn a paltry $30,000 a year. In contrast, a trader can earn up to $2 million if they have just 50 stolen card details at their disposal.

McGuire refers to this as "post-crime" reality, one in which cybercriminals adopt a "platform capitalism" approach to selling, rather than committing crime.

In fact, McGuire unearthed criminal websites that provide ratings, descriptions, reviews, services, and even technical and customer support. These platforms are making the criminal "customer experience" better and providing easy access to services and products that support crime on a global scale.

Strangely enough, even criminal organizations themselves are also undergoing digital transformation and diversifying into new types of crime. McGuire claims that many of the larger known cybercrime operations typically reinvest revenues into expanding their operations — such as buying more crime software, maintaining a website, paying mules, or other criminal requirements. They invest approximately 20% of their revenues into further crime, which suggests that up to $300 billion may be funding future cybercrime and other serious criminal activities.

Alarmingly, the cybercriminals are not just stealing data to make money for the sake of it. McGuire suggests that their reinvestments include spending money to support other types of crime such as drug and human trafficking, and even terrorism. The report highlights one case where cybercrimes were committed specifically to generate more than $3.5 million for terrorist activities. Clearly, the need for cybersecurity is greater than ever, because the stakes have never been so high.

Related Content:

Marc Wilczek is a columnist and recognized thought leader, geared toward helping organizations drive their digital agenda and achieve higher levels of innovation and productivity through technology. Over the past 20 years, he has held various senior leadership roles across ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12815
PUBLISHED: 2019-07-19
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2019-13569
PUBLISHED: 2019-07-19
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
CVE-2019-9228
PUBLISHED: 2019-07-19
** DISPUTED ** An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A at least to 7.20A.252.062. The (1) management SSH and (2) management TELNET features allow remote attackers to cause a denial of service (connection slot e...
CVE-2019-12725
PUBLISHED: 2019-07-19
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
CVE-2019-11989
PUBLISHED: 2019-07-19
A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, ...