ORGANIZED CYBER CRIME:
Comparison of Criminal Groups in Cyberspace
Technology has given users worldwide easy access to everything from online banking to instantaneous communication via email or phone. Criminals have also benefited from those same technological innovations, which give them greater access to victims and targets, enable worldwide communication, and minimize attribution. Cybercrime has flourished because it requires few resources, no traveling, and a skill set that is readily available to learn. This has made cybercrime a serious threat to both national and international security. In 2014, McAfee estimated that the cost of global cybercrime is 0.8% of global GDP;[2] that’s over $400 billion USD in losses to cybercrime.[3], [4], [5] Furthermore, unlike in traditional criminal activity, organized cyber-criminal groups prefer to remain unknown,[6] which makes tracking cybercrime activity incredibly difficult.
Both groups and individuals use many of the same tactics, but it is the transnational reach that many organized criminal groups had before the increased use of technology that makes this hybrid of ‘traditional’ crime (human and drug trafficking, for example) and cybercrime especially threatening. It is important to address the threat that both organized cyber criminals and organized cyber-criminal groups pose to international security. The organized criminal groups that are very well known for their cyber activity include the Russians, African criminal groups including those in Nigeria and Ghana, and the Chinese. How they use cyberspace for criminal activity will be important to note throughout the paper, as they use different tactics and have different drivers and organizational structures.
Organized Cyber Criminals
While the main focus of this paper will be on organized criminal groups, it is important to note that individual cyber criminals are as organized, as well resourced, and as successful as many organizations. For example, Albert Gonzalez is responsible for one of the biggest credit card frauds in history, which took place from 2005 to 2007.[7], [8] Over 18 months, Gonzalez stole 45.6 million credit and debit card numbers from TJX Companies Inc., which owns T.J. Maxx, Marshalls, HomeGoods, and Winners.[9] During this time he was also responsible for the Dave & Buster’s hacking job, which resulted in access to 5,000 payment cards from New York.[10] During this time, Gonzalez was actually a government informant for the U.S. Secret Service, helping to put away a number of cyber criminals and hackers while launching scams and attacks of his own.[11], [12] In 2010, Gonzalez was convicted for the theft of over 90 million credit and debit card numbers.[13] Max Butler is another example of an exceptionally organized cyber criminal, having been both a white hat hacker for the U.S. Government,[14], [15] and later a black hat hacker after acquiring over two million credit card accounts,[16] totalling $86.4 million in fraudulent credit card charges.[17] Both Gonzalez and Butler were driven by the “thrill”[18] of cyber theft, and the personal gratification they received in proving they could hack into such complicated and well-protected systems.[19] This is different from criminal organizations, which are driven by profit, rather than personal ambition or sheer boredom.
Russian Organized Cyber Crime
The Russians are some of the most successful and well-resourced organized cyber-criminal groups.[20] This talent is due to ex-KGB spies using their skills and expertise for monetary profit, and establishing the Russian Business Network (RBN) after the Iron Curtain lifted in the 1990s.[21] The RBN has both incredible patience and resources, allowing its members to hack information from high-ranking personnel, usually in the form of credit card and identity theft.[22] In 2008, RBN was responsible for the RBS WorldPay scam in which they not only hacked past WorldPay’s sophisticated encryption system, but also gathered information pertaining to a number of debit cards.[23] In twelve hours, the RBN withdrew $9 million, using fake debit cards, from over 2,100 ATMs in over 280 cities worldwide.[24] While credit card fraud is on the decline, due to an excess supply on the black market,[25] Russian groups are continuing to profit, finding new ways to use their cyber skills.
ChronoPay and SpamIt: Russian Rivals
Pavel Vrublevsky and Igor Gusev are well known for their role in spam and Internet pharmacies, pulling off some of the largest and most notorious spamming attacks. Both Vrublevsky and Gusev profit from online pharmacies and spamming, with Vrublevsky owning ChronoPay and RX Promotion, and Gusev owning SpamIt and GlavMed.[26] In 2003, Vrublevsky and Gusev co-founded ChronoPay, which is now run by Vrublevsky, as the two had a falling out that created intense competition and rivalry within the Russian cybercrime market.[27] ChronoPay is best known for MacDefender, a ‘scareware’ scam that uses false security alerts to make users purchase useless and fake antivirus software.[28], [29] MacDefender targeted, and continues to target, millions of Mac users.[30] Alongside this, ChronoPay and SpamIt are used to prop up illegal online pharmacies: RX Promotion (ChronoPay) and GlavMed (SpamIt), where knock-off prescription drugs are sold to customers.[31] Between May 2007 and June 2010 GlavMed processed over 1.5 million orders from over 800,000 consumers.[32] On top of this, both companies have repeat orders and customers accounting for between 9% – 23% (RX Promotion) and 27% – 38% (GlavMed) of overall revenue.[33] These orders include, but are not limited to, painkillers like Oxycodone, mental health pills including Adderall,[34] and erectile dysfunction pills, most popularly Viagra.[35]
To run these large spam campaigns, ChronoPay and SpamIt hire botmasters, who are responsible for creating and running botnets: spam engines built by infecting PCs, Macs, and other digital devices.[36] In 2012, Grum became known as the largest spam botnet, with a 2010 leak of the SpamIt database exposing Ger@ as running the Grum botnet.[37], [38] When in commission, Grum could send more than 18 billion emails per day, and accounted for over a third of all junk email.[39] Another spammer alleged to work with SpamIt was Oleg Y. Nikolaenko, dubbed “The King of Spam,” known for the Mega-D botnet, which was capable of sending over 10 billion spam messages per day, and said by the United States Justice Department to have infected more than half a million PCs, earning Nikolaenko hundreds of thousands of dollars.[40] The recent closing of SpamIt caused a drop in spamming numbers worldwide,[41] but it is expected that spamming will continue in some capacity because “sending spam to everyone on the planet gets you new customers on an ongoing basis.”[42]
Unsuspecting Cyber Criminals: Africa
While Africa lacks many of the technological developments of other countries, the continent is not lacking the skills and resources required to participate in cybercrime. The continent is a huge importer of electronic waste, including televisions, cell phones, car and computer parts.[43] The mounds of electronic waste provide resources that individuals and organizations can gather, put back together, and then use in Internet cafes and homes to carry out cybercrimes.[44] Different from the Russians, some African cyber criminals have been created from the waste of developed nations – who ironically then become the targets of cybercrimes. The first step in attempting to combat this unique type of cyber-criminal is halting the exportation of electronic waste, and finding more environmentally – and economically – friendly ways of disposing of electronics. Until this happens, and until private companies make electronics that have a longer shelf life than 12 months, countries like Ghana and Nigeria will continue to carry out cybercrimes.
Ghana
Unlike other African countries, Ghana is very technologically advanced, being the Internet capital of West Africa,[45] having 1.297 million Internet users in 2009.[46] It is also home to the biggest electronic dumping ground in Africa, located in Agbogbloshie.[47] It is common to purchase hard drives gathered from electronic waste sites and find personal information of the original owner still saved on the hard drive.[48] Often this is because owners do not erase the contents, being assured by companies that their information will be erased and properly disposed of.[49] Many youth in Ghana are involved in cybercrime,[50] and can spend hours sending spam emails in order to get one individual to fall for the ploy.[51] But their job is made relatively easy when they find hard drives that are not erased. In 2009, a hard drive was recovered from Ghana that previously belonged to Northrop Grumman.[52] The hard drive still contained information on U.S. top-secret contracts related to TSA and NASA.[53] Other hard drives from the U.S. Army, Washington Metro Transit Authority, U.S. Environmental Protection Agency, and others have also been retrieved from electronic waste sites in Ghana.[54] While the U.S. government is concerned with the threat cyber-attacks pose to national security, they are less aware of the threats posed by information insecurity.[55]
Ghanaian cybercrime began with credit card fraud in 1999, where card numbers were stolen from hotel visitors, then used to make online purchases.[56] The decline in Ghanaian credit card fraud is related to the emergence of new forms of Internet fraud, and the regular enforcement of online purchases from Ghana.[57] Currently, Ghanaians are much more involved in identity or romance fraud.[58] Through social networking websites, including eHarmony, Match, and Facebook, Ghanaians connect with individuals and eventually ask for financial information, passwords, and other personal data.[59] While this may seem like the work of individual cyber criminals, Ghanaian cybercrime falls into the realm of organized criminal activity because of how ingrained into society it is. First, Ghanaians adopted cybercrime from fraud tactics learned from Nigerians.[60] Nigerians were famous for the ‘pen pal scam,’ and during the Nigerian oil boom in the 1970s, many Ghanaians traveled to Nigeria looking for work, where they then learned this type of fraud.[61] Upon returning to Ghana, and with the help of technology, they simply modified how to deploy it,[62] making it faster and anonymous, and allowing for a bigger return on investment. Second, and perhaps most importantly, is how Internet fraud has been combined with Akan religious rituals, forming Sakawa. In Ghana, tribal religions have a very different understanding of morals; gods are not concerned about the good and bad that people do to each other, as long as they receive thanks, offerings, and praise.[63] This allows those who practice Sakawa, the Ghanaian term for cybercrime, to operate rather freely within their communities.
The passing of the Electronic Transactions Act in 2008 criminalized computer hacking and gave police more power to pursue suspected criminals,[64] and youth began to understand the legal danger of participating in Sakawa, causing an intensification of the ‘religion.’[65] Ghanaian cyber criminals seek a Sakawa blessing before deploying a spam or fraud email; the spiritual leader will then hold a ceremony to protect the criminals from legal prosecution and ensure their financial success.[66] This can be done in a fairly public manner, with parts of towns or tribes participating in the ceremony,[67] and Ghanaians do not have to worry about community members reporting them for cybercrime because participating in Sakawa helps ensure those in the community ‘forget’ the criminal activity.[68] Once the cybercrime has been completed, the criminal is responsible for paying back the spiritual leader who blessed them; this is one of the ways to thank the god and ensure good fortune the next time.[69] After receiving a blessing, the most popular place to find young Ghanaians practicing Sakawa is in local Internet cafés.[70] While the owners know why youth come into their cafés and what they are doing, they are reluctant to police or monitor users online for fear of losing customers.[71] Sakawa involves groups of youth working together and entire communities, so while they are not formal organized criminal groups, they cannot be recognized as individual scammers.
Ghanaian cybercrime is a serious national and international security issue. Sakawa has become known more as a religion in Ghana than a crime, making it difficult for the government to take serious action in halting the activity. Furthermore, electronic waste sites are propping up the industry and often giving cyber criminals the information they need for identity fraud. Until Ghana is able to provide better wages for the youth, drawing them out of Sakawa, and the international community stops using the sovereign country as an electronic wasteland, there is little chance that Ghanaians will stop practicing the art of Sakawa.
Nigeria
Section 419 of the Nigerian criminal code states, “any person who by any false pretence, and with intent to defraud, obtains from any other person anything capable of being stolen, or induces any other person to deliver to any person anything capable of being stolen, is guilty of a felony, and is liable to imprisonment for three years.”[72] It is this section after which the infamous 419 scams are named. After the U.S. and Britain, Nigeria ranked 3rd in the world for cybercrime in 2008.[73] The ‘419’ scams consist of emails asking for ‘help’ from a country in conflict, i.e. Nigeria or Libya, from which the writer is looking to move large sums of money and thus offers the recipient a percentage for helping.[74] These emails are usually written in broken English, give a detailed story, and are very polite.[75] Previously, ‘419’ scams were very impersonal and scripted, but they are now more sophisticated, including personal information and details.[76] Nigerian cyber criminals also search for ‘friends’ online, through Facebook and dating sites, looking for “lonely women with money to spare” or people who “don’t know what to do with money.”[77] In talking with them the Nigerians gain a level of trust, and start asking for money with the promise of visiting their friend or lover someday soon.[78] Nearly one fifth of email scams originate from Nigeria, costing victims in the U.S. approximately $55 million in 2011.[79] Recently, Nigerians have become involved in other forms of cybercrime. Using the same ‘419’ email platform, Nigerians are learning hacking and malware techniques to gain access to users’ computers once they open an email.[80] After the email is opened, Nigerians hope to use these techniques to gain control of the recipient’s computer, gaining passwords and personal data.[81] Gaining these skills would ensure that the Nigerians could profit without recipients needing to believe their story.
The safest way to avoid being a victim of ‘419’ scams is to not open any emails where you do not recognize the sender or subject line, but this becomes increasingly difficult as ‘419’ emails become more personalized.
According to an Ultrascan report, 800,000 Nigerians are expected to be involved with cybercrime, with 85,000 residing outside of Nigeria in diaspora communities.[82] The Nigerians’ number one target is the U.S., with the United Kingdom and India following, costing victims $12.7 billion in 2013.[83] While each ‘419’ scam can profit from $200 to $12 million,[84] Nigerians spend 30% of their earnings paying off government officials to avoid prosecution, which is a prime example of why many citizens participate in cybercrime.[85] In an interview with Mother Jones, one scammer stated, “the money [the government] should have used to construct this road, they are using for personal use … that is why we are bad boys.”[86] This makes it difficult for Nigeria to seriously prosecute ‘419’ scammers, but it does not stop the international community from trying. The U.S. has started declining money transfers to Nigeria, warning clients about possible fraud attempts.[87] As in Ghana, there is also a social component to Nigerian participation in cybercrime. Nigerians consider ‘tricking,’ which often involves theft and scamming, different from stealing.[88] This acceptance of ‘tricking,’ combined with nationwide corruption, makes it a struggle for international law enforcement to have an impact in stopping organized crime.
Government Sponsored Cyber Crime: China
There are a number of factors that make Chinese organized cybercrime different from some of the other groups mentioned. While most organized cyber criminals are involved in cybercrime to achieve some kind of immediate monetary profit, China is much more interested in gathering information. In China, cyber expertise is highly regarded, and hacking for the government is a profitable industry, with citizens being able to hold normal working hour jobs with the military.[89] Like the U.S., the Chinese may be conducting surveillance, but they are also concerned with gathering information for economic growth and competition, so much so that intelligence gathering has become a matter of national security.[90] In 2007, Lockheed Martin servers were hacked;[91] at the time government officials had a difficult time proving who was responsible, but the answer became relatively clear when the new Chinese J-20s looked almost identical to the US F-35s.[92], [93] “They’re at an advantage. We’re at a disadvantage,” says Shawn Henry,[94] as countries that participate in economic espionage often do not just stop at government and military sectors, but also go after oil and drilling, economic, and medical firms as well.[95] Cyber espionage costs the U.S. between $24 – 120 billion annually,[96] though it is unknown what percentage of this is from the Chinese.
Not only is the Chinese government heavily involved in organized cybercrime, the Chinese are very good at accessing a number of difficult systems. To do this the Chinese use “the lowest level of tools and the easiest means to get in,”[97] gaining the credentials of employees and using existing usernames and passwords to log in to the company’s system.[98] Unlike their Russian counterparts, the Chinese are much less stealthy and sophisticated, with James Comey describing them as a “drunk burglar.”[99] The FBI Director further states, “They’re kicking in the front door, knocking over the vase, while they’re walking out with your television set. They’re just prolific. Their strategy seems to be, ‘we’ll just be everywhere all the time. And there’s no way they can stop us.’”[100] This may be because companies are often victims of Chinese hacking, and with the products ending up on the market eventually, there is less desire to be secretive. More recently, the Chinese have begun targeting governmental targets, including the U.S. Postal Service and the National Oceanic and Atmospheric Administration.[101]
Fighting Cyber Crime
Everyone from individuals to corporations should operate under the assumption that their systems have been penetrated and information accessed, as it is not a matter of ‘if’ a system will be penetrated but a matter of ‘when.’ Knowing this, how can corporations and governments protect themselves from hackers and cyber criminals, let alone the average citizen? The short answer is: there isn’t a way to combat it, at least not entirely. It is about being less concerned with stopping cyber criminals from accessing your network, and more focused on ensuring criminals do not gain access to every bit of information. However, there have been various responses that companies, governments, and individuals have taken in an attempt to fight cybercrime.
Russian Response to Cyber Crime
Russia has one of the most interesting ‘responses’ to ‘fighting’ cybercrime. In 2007, Russia’s Ministry of Internal Affairs began an investigation into Vrublevsky’s illegal activities, but the case was quickly dropped when the chief investigator began working for Vrublevsky.[102] Then in 2010, in an attempt to target and undermine Gusev, Vrublevsky served as the top anti-spam advisor to Russia.[103] During this time Vrublevsky was using his resources to create new spam schemes and malware while advocating for stronger enforcement against criminals in cyberspace.[104] This came to the attention of Ilya V. Ponomarev, a deputy of Russia’s Duma Hi-Tech Development Subcommittee, who was deeply concerned with how “Vrublevsky’s activities show the extent of the problem which escapes the attention of law-enforcement bodies.”[105] Finally, in June 2011 Vrublevsky was arrested for allegedly hiring a hacker to attack rival companies through a number of cyber attacks.[106] This arrest came after Gusev allegedly paid approximately over $1.5 million to Russian politicians and law enforcement to prosecute Vrublevsky and ensure the prosecution would hold.[107], [108], [109] In August 2013, Vrublevsky was found guilty and sentenced to 2.5 years.[110]
Unprecedented Cyber Case: U.S. Prosecution of Chinese Cyber Espionage
This past year the U.S. took a bold move and started a legal case against the Chinese for committing cyber espionage on the American government, military, and companies.[111] This was completely unprecedented, as no international law exists for cyberspace, and any existing norms are lenient and not enforced. Despite the attribution problem making it difficult to determine the where and who of cybercrime, the U.S. released the names of individuals allegedly involved in hacking into the networks of American companies, all working for the People’s Liberation Army.[112] The Chinese did not take these allegations well, not only denying the charges but also cancelling an upcoming U.S. – China cyber security forum.[113] Little came from the case, most likely due not only to the absence of governing law on cyberspace and the lack of an extradition treaty between China and the U.S.,[114] but also to a desire to ensure that friendly relations between the U.S. and China continued.
Law Enforcement Approach
There are very few international norms on cybercrime, and those that do exist are not enforceable. This means that domestic policies must exist if law enforcement is to have any chance of prosecuting groups or individuals that participate in cybercrime. Unfortunately this comes with many difficulties. First is the attribution problem: it is incredibly difficult to trace where attacks originated, as traffic can be rerouted through a number of servers, hiding the true location. Furthermore, even if the location can be traced, doing so requires incredible resources, takes time, and still cannot be stated with certainty. Second, the victims of cyber-attacks are often not in the same country where the attack originated; the attacks take place from foreign countries where governments do not have the jurisdiction to prosecute. Lastly, even if the attacker can be traced and resides within the country, law enforcement may still not be able to gather sufficient evidence to prosecute criminals on every cybercrime. In 2008, U.S. law enforcement caught Albert Gonzalez after reading through cyber-criminal chat logs obtained in Turkey.[115] Knowing Gonzalez and his associates were responsible for a number of corporate hacking jobs, law enforcement was only able to convict him on seven indictments.[116] Despite having the legal framework, U.S. law enforcement often approaches cybercrime prosecutions on an ad hoc basis, meaning that many criminals remain innocent, or partially convicted.[117]
The Cost of Cyber Crime
Cybercrime can be expected to grow, as it allows criminals to remain relatively anonymous, requires little to no transportation, and has a high rate of return; and unlike other criminal activity, such as drug trafficking, cybercrime has no enforceable international norms or laws to prosecute criminals. Add to this that more businesses and individuals are moving information to online service platforms, and that developing countries are looking to grow their technology sectors, creating an influx of users and victims for cybercrime.[118] Cybercrime has serious implications for national, personal, and economic security. McAfee estimates that in 2013, 40 million people in the US, 54 million in Turkey, and more than 20 million in China had their information stolen through cybercrime.[119] It is further estimated that more than 800 million records were stolen worldwide.[120] This puts tremendous costs on individuals, companies, and governments to better protect data, to pay for the services required to replace the information that was stolen, and to fix the damage created. Furthermore, cybercrime costs the global economy over an estimated $400 billion a year,[121] due to fraudulent charges and investigations; money that could be better spent on a number of other human security issues. Governments must do a better job responding to companies that experience cyber-attacks, as many of these companies have adequate protection in place, but lack the legal authorization to respond to attacks that enter their systems. If governments do not take measures to ensure that companies feel they can report attacks and that the government will respond using diplomacy or other means, companies may begin taking measures into their own hands, which is an incredibly dangerous precedent to set. Governments also must get more serious about cooperating with each other.
Unlike in traditional forms of criminal behaviour, cyber criminals never have to set foot in the country they are attacking, meaning that law enforcement never has the chance to physically arrest or investigate them on domestic soil. This requires tremendous trust and cooperation with foreign governments to investigate and prosecute cyber criminals, but with no legal international framework in place, governments are not required to assist in these proceedings, and cyber criminals go unnoticed or unprosecuted, or have investigations against them dropped through corruption. Unfortunately, McAfee suggests that the international community will not respond until the costs of cybercrime make up more than 2% of global GDP.[122] This is due to companies, governments, and the international community underestimating the cost of cybercrime on their bottom line, national economy, and the international economy.[123] Cybercrime will continue to grow unless the international community can find a way to raise the cost of cybercrime for criminal organizations, realize that cybercrime is a threat to innovation[124] and economic growth, and make the risks of participating in cybercrime outweigh the rewards.
Works Cited
Bernard, Doug. “Internet Hack Shutters some State Department Computers,” Voice Of America News, 17 Nov 2014. http://www.voanews.com/content/internet-hack-shutters-some-state-department-computers/2523336.html
Boateng, Richard, Longe Olumide, Robert Stephen Isabalija, and Joseph Budu. “Sakawa – Cybercrime and Criminality in Ghana,” Journal of Information Technology Impact 11:2 (2011) p.p. 85 – 100. http://www.jiti.com/v11/jiti.v11n2.085-100.pdf
Chiroma, Haruna, Shafi’i Muhammad Abdulhamid, Abdulsalam Ya’u Gital, Ali Muhammad Usman, Timothy Umar Maigari. “Academic Community Cyber Cafés – A Perpetration Point for Cyber Crimes in Nigeria,” International Journal of Information Sciences and Computer Engineering 2:2 (2011) p.p. 7 – 13. http://www.academia.edu/3700105/Academic_Community_Cyber_Cafes_A_Perpetration_Point_for_Cyber_Crimes_in_Nigeria
Chumley, Cheryl K. “FBI’s James Comey: Chinese Hackers like ‘drunk burglar,’” The Washington Times, 6 Oct 2014. http://www.washingtontimes.com/news/2014/oct/6/fbis-james-comey-china-hackers-drunk-burglar/
Claiborne, Rob. “U.S. Electronic Waste Gets Sent to Africa,” ABC News, 2 Aug 2009. http://abcnews.go.com/GMA/Weekend/story?id=8215714&page=1.
Eichelberger, Erika. “What I Learned Hanging out with Nigerian Email Scammers,” Mother Jones, 20 Mar 2014. http://www.motherjones.com/politics/2014/03/what-i-learned-from-nigerian-scammers
Engber, Daniel. “Who Made That Nigerian Scam?” The New York Times, 3 Jan 2014. http://www.nytimes.com/2014/01/05/magazine/who-made-that-nigerian-scam.html?_r=0
Gat, Aviva. “Millions of victims lost $12.7B last year falling for Nigerian scams,” Geek Time, 21 Jul 2014. http://www.geektime.com/2014/07/21/millions-of-victims-lost-12-7b-last-year-falling-for-nigerian-scams/
Gertz, Bill. “Top Gun Takeover: Stolen F-35 secrets showing up in China’s stealth fighter,” Washington Free Beacon, posted on The Washington Times, 13 Mar 2014. http://www.washingtontimes.com/news/2014/mar/13/f-35-secrets-now-showing-chinas-stealth-fighter/?page=all
—, “Ghana: Communications,” CIA World Factbook, last updated 22 Jun 2014. https://www.cia.gov/library/publications/the-world-factbook/geos/gh.html
Goldman, David. “The Cyber Mafia has Already Hacked You,” CNN Money, 27 Jul 2011. http://money.cnn.com/2011/07/27/technology/organized_cybercrime/
Gaudin, Sharon. “Government Informant is Called Kingpin of Largest U.S. Data Breaches,” Computerworld, 18 Aug 2009. http://www.computerworld.com/article/2527161/government-it/government-informant-is-called-kingpin-of-largest-u-s–data-breaches.html
Harley, David. “Tax Scams, Malware, Phishing, and a 419,” We Live Security, 18 Feb 2014. http://www.welivesecurity.com/2014/02/18/tax-scams-malware-phishing-and-a-419/
Jeffries, Adrianne. “US files criminal charges against Chinese army hackers for stealing trade secrets,” The Verge, 19 May 2014. http://www.theverge.com/2014/5/19/5730570/us-will-file-criminal-charges-against-chinese-army-hackers-for
Kabay, M.E., and Bradley Guinen. “The Russian Cybermafia: RBN & the RBS WorldPay Attack,” NetworkWorld, 28 Mar 2011. http://www.networkworld.com/article/2201011/malware-cybercrime/the-russian-cybermafia–rbn—the-rbs-worldpay-attack.html
Kaplan, Jeremy A. “Welcome to Hell: Photographer Documents Africa’s E-waste Nightmare,” Fox News, 6 Mar 2014. http://www.foxnews.com/tech/2014/03/06/welcome-to-hell-photographer-documents-africas-e-waste-nightmare/
Klein, Peter (Director). “Ghana: Digital Dumping Ground,” PBS Frontline (2010). Online Documentary.
Krebs, Brian. “A Closer Look at Two Bigtime Botmasters,” Krebs On Security, 11 Dec 2012. http://krebsonsecurity.com/2012/12/a-closer-look-at-two-bigtime-botmasters/
Krebs, Brian. “Chats with Accused ‘Mega-D’ Botnet Owner?” Krebs On Security, 5 Dec 2011. http://krebsonsecurity.com/2011/12/chats-with-accused-mega-d-botnet-owner/
Krebs, Brian. “ChronoPay Co-Founder Arrested,” Krebs On Security, 24 Jun 2011. http://krebsonsecurity.com/2011/06/chronopay-co-founder-arrested/
Krebs, Brian. “Mr. Waledac: The Peter North of Spamming,” Krebs On Security, 26 Jan 2012. http://krebsonsecurity.com/2012/01/mr-waledac-the-peter-north-of-spamming/
Krebs, Brian. Open Letter from Ponomarev, 2009 [translated]. http://krebsonsecurity.com/wp-content/uploads/2010/05/ivptrans.pdf
Krebs, Brian. “Pavel Vrublevsky Sentenced to 2.5 Years,” Krebs On Security, 2 Aug 2013. http://krebsonsecurity.com/2013/08/pavel-vrublevsky-sentenced-to-2-5-years/
Krebs, Brian. “PharmaLeaks: Rogue Pharmacy Economics 101,” Krebs On Security, 22 Jun 2012. http://krebsonsecurity.com/2012/06/pharmaleaks-rogue-pharmacy-economics-101/
Krebs, Brian. “Pharma Wars,” Krebs On Security, 25 Feb 2011. http://krebsonsecurity.com/2011/02/pharma-wars/
Krebs, Brian. “Pharma Wars: Paying for Prosecution,” Krebs On Security, 12 Sep 2011. http://krebsonsecurity.com/2011/09/pharma-wars-paying-for-prosecution/
Krebs, Brian. “Pharma Wars: The Price of (in)Justice,” Krebs On Security, 17 Nov 2011. http://krebsonsecurity.com/2011/11/pharma-wars-the-price-of-injustice/
Krebs, Brian. “Spam Volumes: Past & Present, Global & Local,” Krebs On Security, 15 Jan 2013. http://krebsonsecurity.com/2013/01/spam-volumes-past-present-global-local/
Krebs, Brian. “Who’s behind the World’s Largest Spam Botnet?” Krebs On Security, 1 Feb 2012. http://krebsonsecurity.com/2012/02/whos-behind-the-worlds-largest-spam-botnet/
Krebs, Brian. “Who Says Email Is Eating at Postal Revenues?” Krebs On Security, 3 Jul 2012. http://krebsonsecurity.com/2012/07/who-says-email-is-eating-at-postal-revenues/
McMillan, Robert. “Three Charged in Dave & Busters Hacking Job,” CSO, 14 May 2008. http://www.csoonline.com/article/2122735/investigations-forensics/three-charged-in-dave---buster-s-hacking-job.html
Mick, Jason. “Russian Anti-Spam Chief Caught Spamming,” DailyTech, 19 May 2010. http://www.dailytech.com/Russian+AntiSpam+Chief+Caught+Spamming/article18423.htm
Mills, Elinor. “‘Iceman’ pleads guilty in credit card theft case,” CNET, 29 Jun 2009. http://www.cnet.com/news/iceman-pleads-guilty-in-credit-card-theft-case/
Nakashima, Ellen, and William Wan. “US Announces First Criminal Charges against Foreign Country in connection with Cyberspying,” The Washington Post, 19 May 2014. http://www.washingtonpost.com/world/national-security/us-to-announce-first-criminal-charges-against-foreign-country-for-cyberspying/2014/05/19/586c9992-df45-11e3-810f-764fe508b82d_story.html
—, “Net Losses: Estimating the Global Cost of Cybercrime,” McAfee, CSIS Report, Jun 2014. http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime2.pdf
—, “Nigerian 419 Email Scammers Shift to Malware and Hacking,” NBC News, 2014. http://www.nbcnews.com/tech/security/nigerian-419-email-scammers-shift-malware-hacking-n163491
—, “Part VI,” Nigerian Criminal Code. http://www.nigeria-law.org/Criminal%20Code%20Act-Part%20VI%20%20to%20the%20end.htm
Penn, Megan. “An Unprecedented Case with Unprecedented Results: America Accuses China of Cyber Espionage,” Freedom Observatory, 23 Jun 2014. http://www.freedomobservatory.org/an-unprecedented-case-with-unpredictable-results-america-accuses-china-of-cyber-espionage/
Poulsen, Kevin, and David B. “From White hat to Black – The Curious Case of Cybercrime Kingpin Max Vision,” Privacy PC, 26 Sep 2012. http://privacy-pc.com/articles/from-white-hat-to-black-the-curious-case-of-cybercrime-kingpin-max-vision.html
—, “The Retail Store Hacker Albert Gonzalez Now Faces Prison Time,” Law Vibe. http://lawvibe.com/the-retail-store-hacker-albert-gonzalez-now-faces-prison-time/
—, “The Sakawa Boys: Inside the Bizarre Criminal World of Ghana’s Cyber-Juju Email Scam Gangs,” Motherboard, published on Vice, 5 Apr 2011. http://motherboard.vice.com/read/the-sakawa-boys-inside-the-bizarre-criminal-world-of-ghanas-cyber-juju-email-scam-gangs
Schneider, Howard. “Kingpin: How One Hacker Took Over the Billion Dollar Cybercrime Underground,” The Humanist, 23 Aug 2011. http://thehumanist.com/magazine/september-october-2011/magazine_article/kingpin-how-one-hacker-took-over-the-billion-dollar-cybercrime-underground
—, “State of Hack,” George Washington University, Oct 2013 [event].
Sterling, Bruce. “Kingpin by Kevin Poulsen,” Wired, 2 Feb 2011. http://www.wired.com/2011/02/kingpin-by-kevin-poulsen/
Summers, DJ. “Fighting in the Cyber Trenches,” Fortune, 13 Oct 2014. http://fortune.com/2014/10/13/cold-war-on-business-cyber-warfare/
U.S. Government Official, Department of State. Nov 2011 [Conversation].
Verini, James. “The Great Cyberheist,” The New York Times, 10 Nov 2010. http://www.nytimes.com/2010/11/14/magazine/14Hacker-t.html?pagewanted=all&_r=0
Vidal, John. “Toxic ‘e-waste’ dumped in poor nations, says United Nations,” The Guardian, 14 Dec 2013. http://www.theguardian.com/global-development/2013/dec/14/toxic-ewaste-illegal-dumping-developing-countries
Vijayan, Jaikumar. “Chinese Hackers Master Art of Lying Low,” Computerworld, 20 May 2013. http://www.computerworld.com/article/2497822/security0/chinese-hackers-master-art-of-lying-low.html
Vijayan, Jaikumar. “TJX Data Breach: At 45.6M card numbers, it’s the biggest ever,” Computerworld, 29 May 2007. http://www.computerworld.com/article/2544306/security0/tjx-data-breach--at-45-6m-card-numbers--it-s-the-biggest-ever.html
Warner, Jason. “Understanding Cyber-Crime in Ghana: A View from Below,” International Journal of Cyber Criminology 5:1 (Jun – July 2011), p.p. 736 – 749. http://www.cybercrimejournal.com/warner2011ijcc.pdf
—, “What are ‘Nigerian 419’ scams?” Scam Watch, Government of Australia. http://www.scamwatch.gov.au/content/index.phtml/tag/nigerian419scams
Zetter, Kim. “TJX Hacker gets 20 Years in Prison,” Wired, 25 Mar 2010. http://www.wired.com/2010/03/tjx-sentencing/
[1] “Net Losses: Estimating the Global Cost of Cybercrime,” McAfee (2014), p.p. 11. http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime2.pdf
[2] “Net Losses: Estimating the Global Cost of Cybercrime,” McAfee (2014), p.p. 11. http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime2.pdf
[3] McAfee, 2014, p.p. 2.
[4] This number does not differentiate between cybercrime perpetrated by individuals and cybercrime perpetrated by organizations.
[5] McAfee produced other estimates based on different factors. These included $575 billion a year based on losses by high-income countries, $445 billion based on aggregate costs as a share of regional incomes, and finally $375 billion based on open source data and countries’ reported losses (McAfee, p.p. 6).
[6] David Goldman, “The Cyber Mafia has Already Hacked You,” CNN Money (2011). http://money.cnn.com/2011/07/27/technology/organized_cybercrime/
[7] Jaikumar Vijayan, “TJX Data Breach: At 45.6M card numbers, it’s the biggest ever,” Computerworld (2007). http://www.computerworld.com/article/2544306/security0/tjx-data-breach--at-45-6m-card-numbers--it-s-the-biggest-ever.html
[8] “The Retail Store Hacker Albert Gonzalez Now Faces Prison Time,” Law Vibe. http://lawvibe.com/the-retail-store-hacker-albert-gonzalez-now-faces-prison-time/
[9] Vijayan, 2007.
[10] Robert McMillan, “Three Charged in Dave & Busters Hacking Job,” CSO (2008). http://www.csoonline.com/article/2122735/investigations-forensics/three-charged-in-dave---buster-s-hacking-job.html
[11] Sharon Gaudin, “Government Informant is Called Kingpin of Largest U.S. Data Breaches,” Computerworld (2009). http://www.computerworld.com/article/2527161/government-it/government-informant-is-called-kingpin-of-largest-u-s--data-breaches.html
[12] Kim Zetter, “TJX Hacker gets 20 Years in Prison,” Wired (2010). http://www.wired.com/2010/03/tjx-sentencing/
[13] Ibid.
[14] Bruce Sterling, “Kingpin by Kevin Poulsen,” Wired (2011). http://www.wired.com/2011/02/kingpin-by-kevin-poulsen/
[15] Kevin Poulsen and David B., “From White hat to Black – The Curious Case of Cybercrime Kingpin Max Vision,” Privacy PC (2012). http://privacy-pc.com/articles/from-white-hat-to-black-the-curious-case-of-cybercrime-kingpin-max-vision.html
[16] Elinor Mills, “‘Iceman’ pleads guilty in credit card theft case,” CNET (2009). http://www.cnet.com/news/iceman-pleads-guilty-in-credit-card-theft-case/
[17] Howard Schneider, “Kingpin: How One Hacker Took Over the Billion Dollar Cybercrime Underground,” The Humanist (2011). http://thehumanist.com/magazine/september-october-2011/magazine_article/kingpin-how-one-hacker-took-over-the-billion-dollar-cybercrime-underground
[18] James Verini, “The Great Cyberheist,” The New York Times (2010). http://www.nytimes.com/2010/11/14/magazine/14Hacker-t.html?pagewanted=all&_r=0
[19] Schneider, 2011.
[20] Goldman, 2011.
[21] Ibid.
[22] Ibid.
[23] M.E. Kabay and Bradley Guinen, “The Russian Cybermafia: RBN & the RBS WorldPay Attack,” NetworkWorld (2011). http://www.networkworld.com/article/2201011/malware-cybercrime/the-russian-cybermafia--rbn---the-rbs-worldpay-attack.html
[24] Ibid.
[25] Goldman, 2011.
[26] Brian Krebs, “A Closer Look at Two Bigtime Botmasters,” Krebs On Security (2012). http://krebsonsecurity.com/2012/12/a-closer-look-at-two-bigtime-botmasters/
[27] Brian Krebs, “Pavel Vrublevsky Sentenced to 2.5 Years,” Krebs On Security (2013). http://krebsonsecurity.com/2013/08/pavel-vrublevsky-sentenced-to-2-5-years/
[28] Brian Krebs, “ChronoPay Co-Founder Arrested,” Krebs On Security (2011). http://krebsonsecurity.com/2011/06/chronopay-co-founder-arrested/
[29] Krebs, 2013, “Pavel Vrublevsky Sentenced to 2.5 Years.”
[30] Ibid.
[31] Brian Krebs, “Pharma Wars,” Krebs On Security (2011). http://krebsonsecurity.com/2011/02/pharma-wars/
[32] Ibid.
[33] Brian Krebs, “PharmaLeaks: Rogue Pharmacy Economics 101,” Krebs On Security (2012). http://krebsonsecurity.com/2012/06/pharmaleaks-rogue-pharmacy-economics-101/
[34] Ibid.
[35] Brian Krebs, “Who Says Email Is Eating at Postal Revenues?” Krebs On Security (2012). http://krebsonsecurity.com/2012/07/who-says-email-is-eating-at-postal-revenues/
[36] Brian Krebs, “Mr. Waledac: The Peter North of Spamming,” Krebs On Security (2012). http://krebsonsecurity.com/2012/01/mr-waledac-the-peter-north-of-spamming/
[37] Brian Krebs, “Who’s behind the World’s Largest Spam Botnet?” Krebs On Security (2012). http://krebsonsecurity.com/2012/02/whos-behind-the-worlds-largest-spam-botnet/
[38] Ibid.
[39] Ibid.
[40] Brian Krebs, “Chats with Accused ‘Mega-D’ Botnet Owner?” Krebs On Security (2011). http://krebsonsecurity.com/2011/12/chats-with-accused-mega-d-botnet-owner/
[41] Brian Krebs, “Spam Volumes: Past & Present, Global & Local,” Krebs On Security (2013). http://krebsonsecurity.com/2013/01/spam-volumes-past-present-global-local/
[42] Krebs, 2012, “PharmaLeaks: Rogue Pharmacy Economics 101.”
[43] John Vidal, “Toxic ‘e-waste’ dumped in poor nations, says United Nations,” The Guardian (2013). http://www.theguardian.com/global-development/2013/dec/14/toxic-ewaste-illegal-dumping-developing-countries
[44] “State of Hack,” Event, George Washington University (2013).
[45] “The Sakawa Boys: Inside the Bizarre Criminal World of Ghana’s Cyber-Juju Email Scam Gangs,” Motherboard (2011). http://motherboard.vice.com/read/the-sakawa-boys-inside-the-bizarre-criminal-world-of-ghanas-cyber-juju-email-scam-gangs
[46] “Ghana: Communications,” CIA World Factbook. https://www.cia.gov/library/publications/the-world-factbook/geos/gh.html
[47] Jeremy A. Kaplan, “Welcome to Hell: Photographer Documents Africa’s E-waste Nightmare,” Fox News (2014). http://www.foxnews.com/tech/2014/03/06/welcome-to-hell-photographer-documents-africas-e-waste-nightmare/
[48] Jason Warner, “Understanding Cyber-Crime in Ghana: A View from Below,” International Journal of Cyber Criminology (2011), p.p. 736 – 737. http://www.cybercrimejournal.com/warner2011ijcc.pdf
[49] Ibid.
[50] Richard Boateng, Longe Olumide, Robert Stephen Isabalija, and Joseph Budu, “Sakawa – Cybercrime and Criminality in Ghana,” Journal of Information Technology Impact (2011), p.p. 90 – 92. http://www.jiti.com/v11/jiti.v11n2.085-100.pdf
[51] “The Sakawa Boys: Inside the Bizarre Criminal World of Ghana’s Cyber-Juju Email Scam Gangs,” Motherboard.
[52] Warner, 2011, p.p. 737.
[53] Dir. Peter Klein, “Ghana: Digital Dumping Ground,” PBS Frontline (2010). Online Documentary.
[54] Rob Claiborne, “U.S. Electronic Waste Gets Sent to Africa,” ABC News (2009). http://abcnews.go.com/GMA/Weekend/story?id=8215714&page=1
[55] Warner, 2011, p.p. 737.
[56] Warner, 2011, p.p. 738.
[57] Warner, 2011, p.p. 737.
[58] Warner, 2011, p.p. 739.
[59] Ibid.
[60] “The Sakawa Boys: Inside the Bizarre Criminal World of Ghana’s Cyber-Juju Email Scam Gangs,” Motherboard.
[61] Ibid.
[62] Ibid.
[63] Ibid.
[64] Warner, 2011, p.p. 741.
[65] Warner, 2011, p.p. 744.
[66] Ibid.
[67] “The Sakawa Boys: Inside the Bizarre Criminal World of Ghana’s Cyber-Juju Email Scam Gangs,” Motherboard.
[68] Warner, 2011, p.p. 745.
[69] “The Sakawa Boys: Inside the Bizarre Criminal World of Ghana’s Cyber-Juju Email Scam Gangs,” Motherboard.
[70] Boateng, et al., 2011, p.p. 90.
[71] Ibid.
[72] “Part VI,” Nigerian Criminal Code. http://www.nigeria-law.org/Criminal%20Code%20Act-Part%20VI%20%20to%20the%20end.htm
[73] Haruna Chiroma, Shafi’i Muhammad Abdulhamid, Abdulsalam Ya’u Gital, Ali Muhammad Usman, Timothy Umar Maigari, “Academic Community Cyber Cafés – A Perpetration Point for Cyber Crimes in Nigeria,” International Journal of Information Sciences and Computer Engineering (2011) p.p. 7. http://www.academia.edu/3700105/Academic_Community_Cyber_Cafes_A_Perpetration_Point_for_Cyber_Crimes_in_Nigeria
[74] “What are ‘Nigerian 419’ scams?” Scam Watch, Government of Australia. http://www.scamwatch.gov.au/content/index.phtml/tag/nigerian419scams
[75] Ibid.
[76] David Harley, “Tax Scams, Malware, Phishing, and a 419,” We Live Security (2014). http://www.welivesecurity.com/2014/02/18/tax-scams-malware-phishing-and-a-419/
[77] Erika Eichelberger, “What I Learned Hanging out with Nigerian Email Scammers,” Mother Jones (2014). http://www.motherjones.com/politics/2014/03/what-i-learned-from-nigerian-scammers
[78] Ibid.
[79] Daniel Engber, “Who Made That Nigerian Scam?” The New York Times (2014). http://www.nytimes.com/2014/01/05/magazine/who-made-that-nigerian-scam.html?_r=0
[80] “Nigerian 419 Email Scammers Shift to Malware and Hacking,” NBC News (2014). http://www.nbcnews.com/tech/security/nigerian-419-email-scammers-shift-malware-hacking-n163491
[81] Ibid.
[82] Aviva Gat, “Millions of victims lost $12.7B last year falling for Nigerian scams,” Geek Time (2014). http://www.geektime.com/2014/07/21/millions-of-victims-lost-12-7b-last-year-falling-for-nigerian-scams/
[83] Ibid.
[84] Ibid.
[85] Eichelberger, 2014.
[86] Ibid.
[87] Ibid.
[88] Ibid.
[89] Megan Penn, “An Unprecedented Case with Unprecedented Results: America Accuses China of Cyber Espionage,” Freedom Observatory (2014). http://www.freedomobservatory.org/an-unprecedented-case-with-unpredictable-results-america-accuses-china-of-cyber-espionage/
[90] DJ Summers, “Fighting in the Cyber Trenches,” Fortune (2014). http://fortune.com/2014/10/13/cold-war-on-business-cyber-warfare/
[91] Bill Gertz, “Top Gun Takeover: Stolen F-35 secrets showing up in China’s stealth fighter,” The Washington Times (2014). http://www.washingtontimes.com/news/2014/mar/13/f-35-secrets-now-showing-chinas-stealth-fighter/?page=all
[92] Penn, 2014.
[93] Gertz, 2014.
[94] Summers, 2014.
[95] Ibid.
[96] Adrianne Jeffries, “US files criminal charges against Chinese army hackers for stealing trade secrets,” The Verge (2014). http://www.theverge.com/2014/5/19/5730570/us-will-file-criminal-charges-against-chinese-army-hackers-for
[97] Jaikumar Vijayan, “Chinese Hackers Master Art of Lying Low,” Computerworld (2013). http://www.computerworld.com/article/2497822/security0/chinese-hackers-master-art-of-lying-low.html
[98] Ibid.
[99] Cheryl K. Chumley, “FBI’s James Comey: Chinese Hackers like ‘drunk burglar,’” The Washington Times (2014). http://www.washingtontimes.com/news/2014/oct/6/fbis-james-comey-china-hackers-drunk-burglar/
[100] Ibid.
[101] Doug Bernard, “Internet Hack Shutters some State Department Computers,” VOA News (2014). http://www.voanews.com/content/internet-hack-shutters-some-state-department-computers/2523336.html
[102] Jason Mick, “Russian Anti-Spam Chief Caught Spamming,” DailyTech (2010). http://www.dailytech.com/Russian+AntiSpam+Chief+Caught+Spamming/article18423.htm
[103] Ibid.
[104] Ibid.
[105] Brian Krebs, Open Letter from Ponomarev [translated]. http://krebsonsecurity.com/wp-content/uploads/2010/05/ivptrans.pdf
[106] Brian Krebs, “Pharma Wars: Paying for Prosecution,” Krebs On Security (2011). http://krebsonsecurity.com/2011/09/pharma-wars-paying-for-prosecution/
[107] Krebs, 2013, “Pavel Vrublevsky Sentenced to 2.5 Years.”
[108] Krebs, 2011, “Pharma Wars: Paying for Prosecution.”
[109] Brian Krebs, “Pharma Wars: The Price of (in)Justice,” Krebs On Security (2011). http://krebsonsecurity.com/2011/11/pharma-wars-the-price-of-injustice/
[110] Krebs, 2013, “Pavel Vrublevsky Sentenced to 2.5 Years.”
[111] Penn, 2014.
[112] Ibid.
[113] Jeffries, 2014.
[114] Ellen Nakashima and William Wan, “US Announces First Criminal Charges against Foreign Country in connection with Cyberspying,” The Washington Post (2014). http://www.washingtonpost.com/world/national-security/us-to-announce-first-criminal-charges-against-foreign-country-for-cyberspying/2014/05/19/586c9992-df45-11e3-810f-764fe508b82d_story.html
[115] Goldman, 2011.
[116] Ibid.
[117] Conversation with Department of State, U.S. Government Official (2011).
[118] McAfee, 2014, p.p. 3.
[119] Ibid.
[120] Ibid.
[121] McAfee, 2014, p.p. 2.
[122] McAfee, 2014, p.p. 11.
[123] Ibid.
[124] McAfee, 2014, p.p. 2.