A Sobering View of International Cybercrime

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.itbusinessedge.com/blogs/data-security/a-sobering-view-of-international-cybercrime.html

A few months ago, I had the opportunity to sit in on a talk given by
Christian Karam, a digital crime officer, cyber innovation and outreach,
with Interpol, at G DATA’s 30thanniversary celebration. It was a
fascinating discussion (and I got to continue it a bit on a shared cab ride
with Karam the next day) about how cybercrime is universal yet regional,
and how it is continuously evolving.

Karam’s talk focused on the difficulties facing law enforcement when it
comes to stopping cybercrime internationally. Unlike security companies,
law enforcement – Interpol specifically – isn’t just concerned with
stopping cybercrime, but with putting the cybercriminals in prison. Why?
Karam said:

"If you just stop the criminals from their activities, they will come back
with a smarter, faster, more elegant way to do damage."


He also quoted the person who used to head up the European Cybercrime
Center, saying that there are only about 100 malware coders in the world,
and if you block them, you stop about 70 percent of cybercrime. The bigger
problem is the ease of committing cybercrime itself.

Cybercrime doesn’t have borders, and those involved in cybercrime are
acting more like big business every year, with CEOs and recruiters and
worker bees, just like any other business setting. However, cybercrime
isn’t the same everywhere. There might be shared aspects to it, but
different regions, countries, or even cities, are targeted differently. For
instance, Karam said the worst places for mobile threats are Dubai and
Singapore. The reason is to capture emails that reveal important investment
data that is funneled through to managers and other players willing to pay
for the information. These “kingpins,” as Karam called them, then go on to
make legal investments and make legal money through the compromised emails.
Karam went on to say:

"It’s not only about stealing bank accounts and stealing money directly,
but it’s also about using the information, doing the extortion, and
investing in the legal market. . . . The state of organized crime is making
it easier for others to commit cybercrime."

The biggest problem for Interpol – and I would say for any country or
community fighting cybercrime – is the lack of law enforcement with an
expertise in cybersecurity (funny how that mirrors the lack of qualified
security professionals). The amount of different types of threats is
stunning, and some of those threats are incredibly individualized. Karam
discussed those threats in depth, from ransomware to malware hidden in
Bitcoin.

The lack of qualified law enforcement is one reason cybercrime is so hard
to control, but Karam also pointed out another problem. We become so
focused on one task that we aren’t able to see the other issues and
surprises that pop up around us. That’s why it is so important for
organizations and governments to work together. He said:

"If we don’t all jump in, we’re not going to get the whole picture. This is
the gist of international collaboration talks. Everyone has something to
bring to the table."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!