Why cybercrime is here to stay

See related post: Anatomy of a $9.4 million cyber heist

Law enforcement has made great strides overcoming geo-political obstacles in bringing prosecutions in the TJX, Heartland and RBS WorldPay cases. Yet the Internet remains saturated with criminal activity. Cybercriminals continually harvest and cull stolen data and carry out elaborate cash-out schemes using the Web to collaborate. The ring leaders who formed a partnership to snatch $9.4 million in a quick-strike, global ATM heist using data stolen from RBS WorldPay did so from their respective keyboards in Moldova, Estonia and Russia. In this exclusive LastWatchdog guest blogpost, Erik Laykin, cybercrime-focused attorney at Los Angeles-based mega law firm Duff & Phelps, supplies a 30,000-foot view of the threat landscape.

By Erik Laykin
Global Electronic Discovery & Investigations Practice co-leader
Duff & Phelps.

Organized criminals on every continent and in every country are focusing heavily on the benefits of investing in cyber crime. The traditional risks of being chased through the streets by police or being shot by a security guard are significantly diminished when one is able to skim electronic funds off of a network, or coerce unsuspecting homemakers into providing their identities, which one can in turn sell without ever interacting with a human being in the physical world.

As a result, organized criminal gangs have been evolving over recent years, developing sophisticated command and control structures which are either part of or resemble traditional Mafia-style operations.

These organized crime gangs recruit heavily among younger, technology-savvy hackers who are often naïve or unaware of the personal risks they are taking. On the other hand, some of these technologists are coerced, and still others are simply criminally minded to begin with.

Global dispersal

Heavy concentrations of these criminal technologists exist in Eastern Europe, Russia and the Ukraine as well as South America and China. Oftentimes, the dastardly plots cannot be effectively executed without the assistance of “feet on the street” in the countries which play host to the victims, such as the United States, Western Europe and the developed regions of East Asia. As an example, the TJX/Heartland scam required the use of Albert Gonzalez of Miami, Florida, and his gang here in the United States to case victims by physically monitoring and scouting their locations and identifying vulnerabilities that could be leveraged on behalf of the criminal enterprise.

The RBS WorldPay case illustrates the necessity of these criminal gangs to have wide networks of “soldiers” that they can deploy in an orchestrated and timed fashion. Without effectively leveraging telecommunications, mass distribution of messaging, clandestine codewords and other “tools of the trade,” the RBS WorldPay scam could not have effectively been pulled off.

Each year, the criminal gangs become more effective and learn from the mistakes made by those who get caught. The sophistication with which these criminal gangs operate can in some cases rival or surpass that of the law enforcement agencies charged with tracking and prosecuting them.

Partners in cybercrime

Often the most effective way for a criminal gang to leverage information technology vulnerabilities within an organization is by turning an existing employee to their favor or planting a criminal mole in the guise of an employee. These highly trained technologists, who may be working for any number of companies or government agencies, are trusted resources to their employers while at the same time serving as vital components of a criminal enterprise – feeding information, schematics, passwords and other mission-critical data to their techno-mob bosses back home.

The criminal gangs that have been caught recently are partners in crime with an emerging class of cyber filth that shakes the trust in the systems and networks which we all rely upon. It is thus vital for corporations and individuals to be aware of their risk profile and how to mitigate issues that can lead to danger.

This includes close cooperation with law enforcement through public-private partnerships such as the FBI InfraGard program and the United States Secret Service Electronic Crimes Task Force. These organizations are committed to working with private enterprise to identify early threats and trends, as well as investigate possible bad acts.

Organizations such as Duff & Phelps’ Global Electronic Discovery and Investigations practice work in the commercial space to assist corporations and law firms in the identification and mitigation of external risks and threats, as well as those shadowy issues that lurk within companies.

Cyber criminals today are no different from the gangs of yesteryear insofar as they look to exploit vulnerabilities and weaknesses in an organization’s defenses. However, in today’s world, the organized criminal enterprise can leverage the weaknesses within dozens of victims simultaneously to achieve an extraordinary economy of scale. From the safety of their dismal Estonian operations centers, the criminals executing the RBS WorldPay scam were able to rapidly achieve a multimillion-dollar theft in a coordinated and organized manner that touched multiple continents.

Complexity quotient

Whereas five years ago a successful breach of a company’s information systems may have required one or two steps (including the insertion of a Trojan horse or a data scraping utility), today’s multinational scams can be far more complex and require months of planning. These crimes require extensive surveillance and review of victims’ vulnerabilities; management of distributed resources; intimate knowledge of the timing, security and remediation responses to be expected; and a predefined global communications network for tactical operations and the movement of the loot.

Fortunately, law enforcement agencies around the world are working in greater concert with one another, and barriers such as extradition treaties are finally coming down as they relate to cyber crime. Nonetheless, among the most challenging issues is the effective collection of digital evidence in a forensic, court-accepted manner to support the case. Law enforcement often has the ability to act where private enterprise cannot. However, this does not negate the importance of private enterprise effectively and quickly securing systems and capturing electronic evidence in such a fashion that a prosecution can be pursued. Duff & Phelps works regularly with corporate clients who are seeking to forensically capture electronic evidence in the US, Europe and Asia for the purpose of litigation or establishing culpability or liability in a matter in which they have been victimized.

Leaders in our industry have found over the years that having a predetermined protocol in place for responding to a breach, a hack or some other internal event where there is a loss of data, trade secrets or other corporate assets is vital in the overall protection of the company’s, the customers’ and the shareholders’ interests.

Cybercrime is here to stay and the bad guys are getting smarter. Their tools are becoming more effective, and they have little regard for national or local laws or ethics. Unfortunately, they are multiplying like spam!
