Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Cybercrime getting easier to commit, federal agents say

Experts speaking at a cybercrime event at the University of Washington said that it's getting easier for criminals to commit cybercrime

Committing cybercrime these days is as easy as building a fantasy football team, FBI and Secret Service agents said on Friday.

"I'm concerned that the cyber-underground is a beautiful business model. It's like going to eBay or Amazon. You just pick what you need -- coders, mules -- and build a dream team. It's like fantasy football," said Gordon Snow, assistant director in the U.S. Federal Bureau of Investigation's cybercrime division.

Snow and other legal and law enforcement experts spoke Friday at a seminar on cybercrime at the University of Washington's Law School in Seattle.

Cybercrime is becoming more professional and in many ways, easier to commit, they said. "The level of professionalism is amazing and I don't see a slowdown," said Pablo Martinez, deputy special agent in charge at the U.S. Secret Service.

People who want to commit cybercrime can go to forums online and assemble a team that specializes in writing malware, deploying malware or scanning systems for open ports. Others specialize in acting as "mules," where they open bank accounts for funneling stolen money, and yet others specialize in calling customer service departments posing as customers to collect information.

This model makes it very easy and attractive for people to commit cybercrimes. "It's low overhead and low risk," Snow said. People doing it are mostly motivated by acquiring cash. As evidence that this model makes it easy for anyone to get into cybercrime, he noted that some of the people authorities arrest aren't particularly well-off. "Some of the people we're picking up aren't of substantial means. We've found people who are using computers with missing keys," he said.

The criminals have new targets these days, the officials said. Increasingly, they are targeting sectors like retail and hospitality, instead of simply focusing on financial institutions, Martinez said. "Why hack into Citibank and steal 10 million pieces of information when you could hack into restaurants and get the same information and not have a big target, a bulls-eye, on your back?"

The open markets for talent make it easier for criminals to do things like steal money from companies, as well as attack governments. Espionage traditionally involved setting up a mole in a foreign country, which involves a lot of time and work for someone to build a false life. But today, with low overhead and minimal risk, someone can hack into computers and mirror hard drives to get the same kind of information that moles used to, Snow said.

To try to head off all kinds of cybercrime, the groups have beefed up their enforcement efforts. The Secret Service, for example, has 31 task forces in the U.S. dedicated to electronic crimes. The Seattle task force, started in 2006, has seized US$14.2 million in funds stolen electronically. The group has arrested 150 people and examined almost 1,700 computers including 128 terabytes of data, said Jim Helminski, special agent in charge with the Secret Service.

Nancy Gohring covers mobile phones and cloud computing for The IDG News Service. Follow Nancy on Twitter at @idgnancy. Nancy's e-mail address is Nancy_Gohring@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Amazon, Citibank, eBay, FBI, Federal Bureau of Investigation, IDG
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: security, U.S. Federal Bureau of Investigation
Latest Blog Posts
Whitepapers
  • Securing Vital Infrastructure
    A unified approach to information security can help modern vital infrastructure providers deal with evolving IT threats without compromising on communications or the demands of an increasingly mobile workforce. Flexible policies, combined with quality inbound threat detection, deep content inspection and encryption capabilities can help organisations to mitigate the risks – not just from outside the organisation, but also within it. Read this whitepaper.
    Learn more »
  • Workshifting: How IT is Changing the Way Business is Done
    While workshifting delivers powerful benefits, from increased productivity and improved cost-efficiency for both business and IT, to improved recruitment and retention, to business continuity and security, it also poses significant challenges for IT. The following discussion examines the forces driving the rapid rise of workshifting, the forms it can take, the IT challenges that must be addressed to enable it, the technologies now available to unlock its full value and the resulting benefits for the business.
    Learn more »
  • Enhancing Decision-Making, Cost-Efficiency, and Profitability With Predictive Analytics
    Today’s managers must always look at the past, present, and future. They need reports on past performance to improve operational efficiency. Business intelligence (BI) platforms such as Information Builders WebFOCUS, are providing a unified decision-support environment where managers can retrieve and analyze data about past, present, and future activities. In this paper, we will discuss the incorporation of predictive modeling capabilities into the WebFOCUS BI platform, and highlight how this advanced functionality can dramatically improve decision-making, thus reducing risk and costs while increasing revenue and profits.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments