Cybercrime is in high gear

Cybercrime is in high gear

Expert panel will discuss online extortion, data breaches at upcoming Mob Museum program

A panel discussion, The Digital Underworld: Cracking Down on Cybercrime, is set for Thursday, October 5, at 7 p.m. at The Mob Museum.
For more information, click here:

Two years ago, in an article, “The New Face of Organized Crime,” a writer for the venerable tech company IBM referred to 2014 as “the year of the hack.” Online thieves stole computer records of several million patients from the U.S. health care firm Community Health Systems, more than two million bank card numbers from the craft retail chain Michael’s, and online records from places as varied as JP Morgan and Goodwill.

INTERPOL’s Operation Pangea X, targeting the illicit online sale of medicines and medical devices, recently saw some 400 arrests worldwide and the seizure of more than $51 million worth of potentially dangerous medicines. Photo courtesy of Europol.

Then in 2015, the IRS itself suffered a breach of tax information for 100,000 people, and hackers invaded Sony and withdrew the Social Security numbers of tens of thousands of employees.

Fast forward to 2017, and this new face of organized crime — international cybercrime — reached an even more serious level, with ambushes against even larger targets. Gangs of computer hackers used ransomware to paralyze the computer systems of hospitals, businesses and government agencies in multiple countries with made off with troves of confidential public and private data in order to steal from victims or sell the information to other criminals.

This year in cybercrime proved that one of the biggest rackets going is ransomware, a form of online extortion. Malware (aka Trojans, worms, viruses) is employed to enter a computer network, encrypt and thus block access to files. The criminals then demand a ransom payment for the key to release it. They typically send out unsolicited emails to impersonate legitimate businesses, encourage the reader to click on a link, exploit flaws in the operating system and inject the file-crippling malware code.

Profits from malware ransoms are expected to reach $1 billion worldwide this year, and the targets of cybercriminals are sure to struggle defending themselves. About 50 new variants of malware were developed each month in the first half of 2016, and new infections hit from 30,000 to 150,000 devices per month, according to the Silicon Valley cyber-security company Barracuda Networks, Inc.

A global malware attack this past May, known as “Wanna Cry,” allegedly directed by the Lazarus Group linked to North Korea, used an American-invented program called EternalBlue to compromise XP and other older versions of the Microsoft Windows operating system by inserting malicious ransomware into 300,000 computers in 150 countries. The cyber-strike crippled the British National Health Service (which used old Windows systems in 90 percent of its computers), the French car company Renault and other prey in nations such as Russia, China, Ukraine, India, Italy, Spain and Australia. The hackers demanded from each victim $300 in the cryptocurrency Bitcoin to unlock the malware. But Microsoft added security patches to fix the abused computers, and the criminals collected only about $100,000 in ransom payments.

Months later, entrepreneurial hackers made greater inroads, this time in breaching computer networks to get their hands on valuable private and government data, with hair-raising results. The major consumer credit rating firm Equifax announced on September 7 that hackers had filched the names, addresses, Social Security numbers and other information of 143 million customers – nearly half the U.S. population.

Recent arrests nabbed cyber-criminals for the buying and/or selling of counterfeit euro banknotes. Photo courtesy of Europol.

Then, on September 20, the U.S. Securities and Exchange Commission, which regulates billions of dollars worth of stock trades on Wall Street, disclosed that a cyberattack broke through a weakness in EDGAR, the SEC’s online filing system containing millions of publicly traded company documents, leading to the theft of confidential “non-public” records that could be used for illegal insider trading. The SEC said it eliminated the flaw, but the damage was done.

Cybercrimes against public and private targets are projected to hit new heights in the next few years. Cost estimates of cybercrime vary widely. The British insurance company Hiscox put cybercrime’s cost to the global economy at $450 billion for 2016, based on a survey of businesses in the U.S., U.K. and Germany. But, according to CSO Security Business Report, a cybersecurity news website, the market research firm Cybersecurity Ventures put the total damage worldwide from cybercrimes much higher — $3 trillion in 2016 and estimated to grow to $6 trillion by 2021.

The spread of mobile phones into formerly underserved parts of the world and the growth of the “Internet of Things” or “IoT” – controlling things such as “smart” buildings, cars, home appliances and security systems from computers and mobile devices – ensures that cybercriminals will have plenty of future opportunities to hack and disrupt websites, commit fraud and steal data, money and trade secrets. The U.S. research company Gartner. Inc. estimates there will be 8.4 billion “connected things” this year, rising to more than 20 billion in 2020.

Online criminals also turn to the exclusive “Darkweb” – a series of websites reachable only through a distinct software — as an online market for stolen information, illegal drugs, firearms and digital instructions on how to commit criminal acts, known as “Crime-as-a-Service,” or CaaS. One such attack method, manipulating defects in poorly defended web-connected devices, is “distributed denial of service,” or DDoS. Hackers can shut down a website, business or factory by transmitting excess web user traffic. Drug traffickers in Mexico have hacked into drones to mislead U.S. investigators about their location.

Counterfeit bank notes, part of illegal Darknet marketplaces, such as AlphaBay and Hansa Market. Photo courtesy of Europol.

One the greatest successes enjoyed by law enforcement this year was ending the Alpha Bay criminal marketplace from the Darkweb. Alpha Bay started in December 2014, selling malware, heroin and other drugs, toxic chemicals, guns, stolen personal financial data, counterfeit documents and hacking tools to global clients. It quickly grew into the largest criminal market on the Darkweb, making $100 million a year. On July 5, the U.S. Justice Department, working with law agencies from Thailand, Canada, the Netherlands and the U.K., captured Alpha Bay’s kingpin, Alexander Cazes, in Thailand. Cazes used Bitcoin, Monero and other cryptocurrencies to launder money and parked more of his illicit funds via purchases of real estate and a line of luxury cars. He committed suicide in his jail cell in Thailand on July 12.

Cyber-gangs, by virtue of operating almost anywhere with an Internet connection, are willing to strike targets both big and small. Russian cyber-gangsters were blamed in 2014 for an online assault in which they stole 1.2 billion user names and email addresses, then the biggest hack ever. More recently, an overseas online ring calling itself The Dark Overlord Solutions hacked into the computer network of a small school district in Flathead County in northern Montana. The gang used a ransom note demanding digital currency or “we will wreak havoc upon your school district and your personal lives.” The district closed its schools and canceled sporting events for three days, but officials soon determined students were not in danger.

The former bank robber and author Willie Sutton, when asked why he robbed banks, once famously replied, “Because that’s where the money is.” But today, computer data — binary digits — is as good as cash, and modern robbers don’t have to physically go to financial institutions, stores or armored trucks to get it.

As Ginni Rometty, chairman, president and CEO of IBM, told Forbes magazine in 2016, “Data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true — even inevitable — then cybercrime, by definition, is the greatest threat to every profession, every industry, every company in the world.”

Feedback or questions? Email blog@themobmuseum.org