The growing organisation of online criminality

‘It is hard to say what forms organised crime will take in the future, but the reality is not very far from some science-fiction movies’ – Bojan Dobovsek,

Hackers accessing computer systems for the sake of pleasure or notoriety are no longer the norm in today’s cybercrime world. The digital economy’s rise and growth have drastically altered the criminal landscape.

Digital networks have become an attractive environment for various types of criminal groups due to high rewards mixed with low risks. Furthermore, cybercrime is thought to be at the beginning of a rapidly growing illegal economy in which criminal acts are carried out by professional networks as long-term sustainable enterprises.

Because of the phenomenon’s ‘newness’, there is currently a significant paucity of research on how these cyberspace networks are constructed and function. However, it is also being debated whether we are witnessing the rise of a new form of organised criminal gang operating only in cyberspace: groups which are yet to be consolidated into a stable system but are nonetheless hazardous.

The digitisation of all aspects of human life – such as healthcare, education and business, has gradually led to the storing of a wide range of data, including sensitive information. Cybersecurity involves the process of securing digitised information against theft or physical harm while retaining the information’s confidentiality and availability. However, as technology advances the incidences and complexities of cybercrime grow. The use of insufficient software, expired security tools, design faults, programming errors, freely accessible online hacking tools, lack of public knowledge, high rates of financial returns and other factors are all contributing to this massive increase in cybercrime.

Technical attackers build more powerful attack tools to investigate the target’s vulnerabilities and thereby attack the victim. This has resulted in the emergence of new attacks in a variety of forms which are difficult to detect.

The development of effective security algorithms has been aided by an increase of Internet-dependency in all walks of life, the digital character of data in large volumes accumulating through online transactions, and the decentralisation of data repositories. Because of the ever-changing nature of cybercrime, it’s tough to keep up with it and avoid new risks.

Because advanced threats play such a large role in cyberspace, it is the most demanding and challenging assignment. As a result, it is a requirement to acquire knowledge of security defence mechanisms, various methodologies, and current themes in the field of information security.

Cybercrime – is a word for a crime that involves the use of a computer to commit robbery or a crime of commission. Computer crimes such as the propagation of network intrusions and pc-viruses – as well as the computer-based variants of existing crimes such as stealing, stalking, intimidation and coercion – are among the growing list of cybercrimes. In layman’s terms, cybercrime can be characterised as crimes performed with a computer and the Internet to steal someone’s identity, sell them to smugglers, stalk them, or disrupt activities with malicious software.

Cyber Security – Privacy and information protection are two of the most important security concerns for any business. In today’s largely-digital or cyber-specific environment where all data is kept, we prefer square measurements. While social networking sites provide a safe space for users to interact with friends and family, cyber-thieves also use these sites to steal personal information.

The Cyberspace Operations

Organised criminal organisations are gradually shifting their focus from traditional criminal activities to more lucrative and less risky cyberspace operations. While some traditional criminal organisations are looking for e-criminals with the required technological skills, emerging forms of criminal networks focused solely on e-crime have already arisen.

These criminal organisations do not have the same structure as classic organised crime groups. Criminal actions are frequently carried out through multi-skilled, multi-faceted virtual criminal networks that convene online. Members of these networks rarely meet in person and sometimes have no virtual communication with other colleagues; therefore, they are established on a ‘stand-alone’ basis. This sophisticated structure, combined with access to core operations restricted to close allies, precludes law enforcement from detecting and infiltrating organised cybercrime groups.

The networks themselves may have anything from ten to several thousand members, and their structure can include related networks. Virtual criminal networks are usually run by a small group of skilled online criminals – who do not conduct crimes themselves but rather act as entrepreneurs, regardless of the number of members and affiliates. The network’s top members split up the various responsibilities (spamming, controlling infected machines, and trading info) among themselves. Because they have adequate resources to build and maintain value chains throughout the entire cycle of cyber-offences, certain ‘elite’ criminal groups operate as closed organisations and do not participate in online forums. As a result, they do not need to outsource or engage as outsiders in other groups.

The Ecosystem of Cybercrime Operations

Organised crime plagiarises legal business models. For their activities, cybercriminals deploy B2B (business-to-business) models such as the extremely sophisticated C2C (criminal-to-criminal) models which make use of highly effective crime tools available through digital networks. Crimeware like viruses, Trojans and keyloggers are created by exploiting the vulnerabilities and software of computer systems. These crimeware tools allow criminal organisations to control, steal and trade data with ease.

Botnets, which are networks of hijacked computers that run applications under external control, have transformed various types of cybercrime, such as phishing, into a global underground ecosystem controlled by organised crime. These criminal organisations are thought to have made tens of thousands to tens of millions of dollars in profit. Botnet trading has evolved into a lucrative business that may be related to organised crime. In comparison to the criminals’ financial gain and the damage to individual customers and businesses, as well as the financial health, reputation and trust in online transactions as a whole, the botnets’ costs are very minimal.

Models which provide data are often used to provide the tools that are used to perpetrate cybercrime. For example, by constructing ‘customer’ systems wherein instruments are available on-demand, ‘users’ may simply enter onto the server and select from a variety of fraud, phishing and data-stealing tools before downloading them. Criminals can employ crimeware servers to launch coordinated attacks when user-data is taken. Crimeware servers make it possible to take control of infected systems and manage stolen data.

The situation is very likely to worsen shortly, due to the lack of a global plan to combat organised cybercrime. Criminal groups will profit from the full range of tools and models accessible to the lawful economy sectors as ICT networks and the opportunities they provide develop. The information’s availability will make it easier for organised groups to not only acquire the information, but also promote and automate their fraud-committing activities. More opportunistic criminals will most likely be linked to established crime networks as a result.

Approach

The growth of digital operations and services in legitimate markets is a key enabler for organised cybercriminals – both for committing traditional crimes and for developing new types of illegal activities, as markets and trading have always attracted organised criminal groups seeking benefits from illegal activities. Cybercriminals, particularly organised criminal gangs, have always been and will likely continue to be one step ahead of politicians and law enforcement agencies. Along with strengthening current legal frameworks, updating outdated legislation and harmonising laws on an international level, cross-sector cooperation on a national level, as well as international cooperation, is required in detecting, investigating and preventing e-crimes perpetrated by organised criminal groups. Because combatting organised cybercrime appears to be a changing target, full understanding and a forward-looking approach are required.

Organised cybercrime gangs employ extremely sophisticated tools for online illegal operations, based on business models which have been shown to be effective in the legitimate commercial sector. Individuals, corporations and governments are all in danger as their economies become more digitalised. E-crime is carried out as a long-term, sustainable criminal enterprise. Because the Internet is borderless, the problem of organised cybercrime has global implications – as no country can guarantee security exclusively within its boundaries. The only way to solve the problem is to devise long-term solutions which entail both national and international coordination and harmonisation of efforts.

Conclusion

Cybercrime has far-reaching implications for national and global economic security. It is all-encompassing, violent, all-pervasive and increasingly sophisticated. There are major concerns for many industrial agencies, public and private organisations (particularly vital infrastructure), and enterprises and governments alike; having cybersecurity with all of its components will be necessary for future growth, innovation and competitive advantage. Data security continues to differ from cybercrime by wholly different approaches with each new-year. New and unstable developments, as well as evolving cyber-tactics and regular attacks, make it harder for organisations to defend their infrastructure while also requiring new channels and intelligence. However, we must work tirelessly to reduce cybercrime so that cyber-houses can have a healthy and stable future.

Reference

1. Ashby MPJ (2016) Is metal theft committed by organized crime groups, and why does it matter? Criminol Crim Justice 16(2):141–157
2. Broadhurst R, Grabosky P, Alazab M, Chon S (2014) Organization and cybercrime: an analysis of the nature of groups engaged in cybercrime. Int J Cyber Criminol 8(1):1–20
3. https://www.herjavecgroup.com/the-2019-official-annual-cybercrime-report/

4. https://www.sophos.com/en-us/press-office/press-releases/2018/01/businesses-impacted-by-repeated-ransomware-attacks-according-to-sophos-global-survey.aspx 

5. Lavorgna A (2015) Organised crime goes online: realities and challenges
6. Mohsin, M.; Anwar, Z.; Zaman, F.; Al-Shaer, E. IoTChecker: A data-driven framework for security analytics of Internet of Things configurations. Comput.Secur. 2017, 70, 199–223
7. Ravi Sharma Study of Latest Emerging Trends on Cyber Security and its challenges to Society International Journal of Scientific & Engineering Research, Volume 3, Issue 6, June-2012 1ISSN 2229-5518.
8. The Next Generation of cybercrime: How it’s evolved, where it’s going. Secureworks (2010).
9. VeenooUpadhyay, SuryakantYadav Study of Cyber Security Challenges Its Emerging Trends: Current Technologies International Journal of Engineering Research and Management (IJERM) ISSN: 2349- 2058, Volume-05, Issue-07, July 2018

 The writer is a Ph.D. candidate, Certified Forensic Investigation Professional, Associate Member of ACFE, Researcher, and Accountant for Serviceships Ghana Ltd & Cape Logistics Ltd)

Contact: 0246390969     – Email: [email protected]