A month ago I read a fascinating book called McMafia 1by Misha Glenny 2. Glenny, a former BBC world correspondent, presents a terrifying yet eye opening look at how organized crime has progressed with Globalization over the last few decades. Glenny covers all the major illicit activities from global drug trafficking networks, to prostitution and human trafficking. One chapter in particular is dedicated to the future of organized crime and the fastest growing sector, cybercrime.
Gone are the days of hackers working in solitary conditions. In the last 5 years there has been a shift from “ego” hackers to ones employed by criminal syndicates. While drug trafficking is still the backbone of organized crime, cybercrime is truly without borders and shows tremendous returns on investments. Money is there to be made on everything from farming for compromised online banking accounts, to identity theft. Spam is as lucrative as ever if not more so. It is being used for spreading malware to compromise machines, and selling products ranging from illegal pharmaceuticals to counterfeit watches.
He mentions the BRIC countries, Brazil, Russia, India and China, the primary sources of spam today. He mentions how high levels of poverty combined with good education levels are leading to the creations of armies of young, organized cybercriminals. Furthermore these syndicates are hiring the brightest minds! Resourceful hackers now want to get paid. He mentions how banks and credit card companies are happy to absorb the costs of cyber theft because they have saved so much money by persuading us to use the Internet and downsize their operations. Are they ready for the cybercrime surge that is inevitable? Various sources estimate that up to 20% of the world’s GDP comes from the shadow economy. Cybercrime in 2008 was already a $100 billion a year industry3.
So what can we do to stop all this? What tools do we have at our disposal online to find and track cybercriminals? WHOIS – a system that is littered with false information due to registrars not enforcing accreditation agreements? The registrars themselves are not following the accreditation agreement! Check 4 for a live list of registrars who don’t have a functioning WHOIS server. Perhaps education and awareness of the severity of this problem will ultimately result in some form of regulation and control. Currently however, policing the internet seems to be an intractable problem.
Trackback from your site.