The “Liberalization” of Cyber Crime

Written by Yotam Gutman

The British Bankers Association (BBA) announced last week that robberies at British banks have fallen by more than 90 per cent in less than two decades (http://www.bba.org.uk/media/article/the-decline-of-the-british-bank-robber).

The decrease in bank robberies has been mirrored in the United States, where FBI figures put the number of bank robberies nationwide at 3,870 in 2012 – the lowest in decades. However, while violent bank robberies are dropping, banks and other financial institutions are being increasingly targeted by cyber-criminals.

This switch can be attributed to improved bank security on the one hand and the combination of the relative ease of perpetuating cyber theft and less severe punishment inflicted on convicted cybercriminals on the other hand. Check the following comparison table to see which pros and cons are weighed by would-be criminals before they decide if they wish to engage in real or virtual (cyber) crime:

Cyber theft

Actual bank robbery

Criteria

Damage to the eyes due to many hours gazing at the screen

High probability of injury or mortality

Danger level

Not that hard

Very hard to execute flawlessly

Difficulty

Endless

Limited to how much you can carry

Potential financial value  

Perhaps a few years in a low security prison, where you are likely to enroll in an “Internet” course

20 years in a maximum security prison, small cell with a roommate named “Axe

Potential punishment

The comfort of your home

Some run-down bank branch

Location

None required

Guns, bank security procedures, driving

Previous know-how

Script – kiddies to bored teenagers – Russian mobsters

Violent, adrenaline–seeking disregard for the law

Appeals to

However, this only tells a part of the story. The real revelation is not how widespread cyber theft has become, but how easy it has become to execute.

Although the notion within the general public is that cybercrimes, and especially theft from banks, are committed by highly skilled computer experts, the truth is that today one does not need special skills to become a cybercriminal, just the desire, courage and some basic IT skills (some initial funding wouldn’t hurt either).

We have repeatedly identified attack tools sold on underground platforms that make cyber-theft child’s play. One simply needs to buy (or rent) these tools and activate them to start generating cash (and breaking the law). For instance, during March 2013 a veteran member of a Russian password-protected forum offered a MitB (Man-in-the-Browser) service for different bank sites and other sites where credit cards are used. The details are stolen from the victim when he tries to browse his bank site by planting a fake page instead. In May that year, another tool named MMBB (Money-maker Bank Bot) was offered on another forum, this time without the need to download and install the tool but as a (criminal) service. Pricing options vary according to the service level – the basic package is priced at $4,999 (per month), but a more comprehensive package, including 24/7 helpdesk, costs $6,499 amonth. True, these are hefty sums, but when measuring the possible income of the would-be cybercriminal they pale in comparison.

Cybercrime is undergoing a rapid liberalization process, meaning that the capabilities thatwere once reserved for an elite few are now at the disposal of practically anyone (with motivation and Internet access).

The outlook for the future isn’t rosy. With more and more people around the world gaining access to computers and the web, the number of potential victims is quickly rising. With cybercrime tools becoming more commonplace, more people will surely exploit this fact to try and generate quick cash (or virtual cash) with the aid of the tools sold on the underground.


One thought on “The “Liberalization” of Cyber Crime

  1. inevitable consequence of target hardening banks but lets not think the balaclava heavy mob are consigned to the history books. Desperate people do desperate things in hard times

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s