Like the most successful industries, organised crime syndicates are riding the crest of a technology wave by moving criminal activities like extortion and money laundering into the digital sphere. Dorothy Musariri explores the rise of the cyber mafia, which is disrupting huge enterprises and making millions of pounds every day
From The Godfather to The Sopranos, we can all picture what the stereotypical gangster looks like – but a new-look cyber mafia is going online to carry out rackets.
Research shows cyber attacks are on the up and suggests that’s largely down to the culprits shifting from small groups of hackers to large organised crime syndicates that have switched from Tommy guns to computer keyboards.
The weapons might sound less dangerous but they’re still able to wreak havoc upon businesses and individuals – earning a fresh moniker as the “New Mafia”.
Aatish Pattni regional director of UK and Ireland at German firm Link11, says: “It’s become serious over the past four to five years with the rise of ransomware and other extortion techniques, which enabled these attacks to be conducted at scale and without major costs.
“As the cyber economy flourishes, the opportunities for criminality also grows and the chance of getting caught diminishes.
“Cyber crime offers a high-return, low-risk opportunity.”
Cyber mafia is split into four types of criminals
The first types of computer hacking were reported in the early 1960s, when they were still referred to as computer viruses.
But the online criminal phenomenon exploded in the 2000s as the World Wide Web really took off and led to the current crop of cyber cartels.
There are now four groups of cyber criminals that have emerged over time – traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire.
It is now an industry in itself, with a turnover of millions of pounds every month.
These groups of cyber criminals have also developed entirely new methods of attack, such as computer viruses, worms, or Distributed Denial of Service (DDoS) attacks.
DDoS attacks rely on multiple comprised computer systems to attack a target, such as a server or website, to disrupt service or serve as a mask to hide more targeted intrusions into an organisation’s infrastructure.
Cyber mafia attacks on businesses have almost doubled
With new gangs entering the cyber crime world, attacks have transformed from isolated acts into extensive, severe practices.
According to a report by software company Malwarebytes in December last year, ransomware attacks were up nearly 2,000% since 2015.
In September 2015, there were less than 16,000 attacks but this had risen to hundreds of thousands by September 2017.
Incidents recorded up until the end of October last year were 62% higher than in the entirety of 2016 – while the average monthly volume of attacks was up by 23%.
The cyber mafia has targeted companies in particular, using breaches to steal funds, data and intellectual property.
In 2016, there was a 96% rise in business-targeted cyber crimes compared to the previous year.
Kris McConkey, global lead for threat intelligence and incident response at accountancy giant PwC, was quoted in Malwarebytes’ report The New Mafia: Gangs and Vigilantes.
He said: “In a lot of cases [of IP theft] the affected organisation might not even that they’ve had an issue because all they’ve lost effectively is a copy of their design documentation, engineering plans and things.
“Actually, the real impact is then felt two, three, four or five years later when their competitor comes to market with something that’s designed on top of their research investment, which could be billions of dollars.”
The rise of crypto-laundering among the cyber mafia
Technology has made plenty of everyday tasks easier to carry out – and that’s just as true for criminals.
Money laundering through the cyber space has been on the rise in recent years.
In 2017, Russian national Alexander Vinnik was arrested in Greece and charged with laundering $4bn (£3.1bn) using Bitcoin exchanges.
The 39-year-old stands accused of being a ringleader of a suspected organised crime syndicate, which used a number of cryptocurrency trading platforms such as Mt Gox and BTC-e to launder money.
Meanwhile, European police agency Europol announced in April this year it arrested a Ukrainian man that it accused of being the mastermind of a cyber crime syndicate believed to be responsible for bank heists of more than $1bn (£777m).
In the past five years, it said the group FIN17 targeted more than 100 financial institutions all over the world and managed to steal millions of dollars at a time.
And last year a Briton was jailed in the Netherlands for accepting 11m (£9.9m) euros in “dirty Bitcoin” from criminals, converting it into clean money through his bank account and handing the withdrawn cash back to them.
The Economist reported earlier in April that Europol believes cryptocurrencies are becoming a more popular tool for criminals due to their “global availability, speed and irreversibility of transactions and the ability to hide identities”.
Rob Wainwright, executive director of Europol until May, estimated that 3% to 4% of Europe’s annual criminal takings – worth between 3bn and 4bn euros (£2.7bn to £3.6bn) – are crypto-laundered.
Link11’s Aatish says: “Moving money is one of the biggest logistical problems faced by cyber criminals.
“Digital currency removes much of this challenge as it can be mixed or laundered and then then be used to purchase other goods.
“With cryptocurrency, it’s easy to cover the tracks of currency transactions by passing them through large numbers of Bitcoin wallets.
“Just like money laundering, there are also Bitcoin mixing services that are available to launder the transactions.
“Cyber criminals don’t need to be experts when they can outsource the complicated stuff to other specialist services.”
Dr Mike McGuire, senior lecturer in criminology at Surrey University, believes the cyber mafia could already be turning away from Bitcoin though and moving into other virtual currencies, such as Monero, which provide greater anonymity.
He authored a report titled Into the Web of Profit, which was released in March and found that cyber criminals proceeds make up an estimated 8% to 10% of total illegal profits laundered globally – amounting to an estimated $80bn (£62bn) to $200bn (£155bn) each year.
Other popular laundering sources include in-game purchases and digital payment systems like PayPal.
Dr McGuire says: “It’s no surprise to see cybercriminals using virtual currency for money laundering. The attraction is obvious.
“It’s digital, so is an easily convertible way of acquiring and transferring cyber crime revenue.
“Anonymity is also key, with platforms like Monero designed to be truly anonymous, and tumbler services like CoinJoin that can obscure transaction origins.
“Targeted organisations must do more to protect their customers.”
Businesses need better IT security to keep cyber mafia out
Aatish believes the end goal is always money, whether it’s through extortion (ransomware or DDoS), reselling of stolen personal data (credit cards, personal identifiable information), fraud (purchase of stolen goods) or espionage.
He adds: “Cyber crime is simply an evolution for criminals. Their underlying business model has simply digitalised, because so much of value is now available in the digital domain.”
“If businesses had better IT security, preparations that can block and withstand the current generation of attacks before they can disrupt networks.
“A majority of companies only respond when they have actually been attacked.
“It’s the equivalent of letting a burglar get inside your house and start stealing your effects before you even respond.
“Companies need to stop burglars getting in, in the first place.”