Cybercrime Organizational Structures Evolve

← Back to Stories (view on slashdot.org)

Cybercrime Organizational Structures Evolve

Posted by timothy on Tuesday July 15, 2008 @02:24AM from the cyber-cyber-cyber-cyber dept.

An anonymous reader writes "The latest findings of a report explore the trend of loosely organized clusters of attackers trading stolen data online being replaced by hierarchical cybercrime organizations. These organizations deploy sophisticated pricing models, crimeware business models refined for optimal operation, crimeware drop zones, and campaigns for optimal distribution of the crimeware. These cybercrime organizations consist of strict hierarchies, in which each cybercriminal is rewarded according to his position and task."

8 of 70 comments (clear)

Min score:

Reason:

Sort:

Good news by oodaloop · 2008-07-15 02:35 · Score: 5, Insightful

Hierarchial organizations are much easier to attack.

--
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
1. Re:Good news by tchiseen · 2008-07-15 02:56 · Score: 3, Insightful
  
  It's much like fighting a conventional enemy versus fighting guerrilla militias. That being said, organization breeds efficiency, and facilitates larger operations.
Re:Coming the fall to HBO by Anonymous Coward · 2008-07-15 03:00 · Score: 1, Insightful

He's not missing the joke, he's position whoring.
Organized crime by xgr3gx · 2008-07-15 03:19 · Score: 3, Insightful

It never ceases to amaze me that even the lowest of the low scumbag criminals can form crime rings and organize into a hierarchical management structure.
And it's always been that way.
The booze runners of the 20's and 30's to the crack dealers of the 80's, and everything before and after.
They have pretty much corporate org charts.
I guess it's human nature to follow the rules/leader. Some just choose different sides of the law.

--
Shameless plug alert: Game server control panel
This is a Pratchett reference by Kupfernigk · 2008-07-15 03:23 · Score: 4, Insightful

In the Discworld, the ruler of Ankh-Morpork deals with crime by making it into a Guild, which then ensures that crime stays at an acceptable level by permanently removing unlicensed criminals. It is not only a satire on the Mafia, it is a satire on corrupt police forces and insurance companies (the criminals do not have protection rackets per se, they offer insurance against their own activities).
The study of crack dealers mentioned in Freakonomics showed a heirarchy similar to any US corporation, with the lowest level getting about the same hourly rate as in McDonalds. There really is no hard and fast line between organised business and crime, just degrees of criminality ranging from (say) welfare friendly food providers on the West Coats down to crack dealers. As Enron and Bear Sterns have shown us, size and visibility is no guarantee of legality.

--
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
another garbage press release by mambosauce · 2008-07-15 03:36 · Score: 4, Insightful

Aside from people's general comments that this is both obvious and many other people have already presented this type of information before I think their assessment is inaccurate. First of all their numbers make it obvious that they are only monitoring semi-open forums and not completely closed ones. Additionally their data looks like it is US and Russia-centric, not focusing on the numerous markets that exist in Ukraine, Bulgaria, Romania, Poland, western Africa and South America. Plus overall they are mixing up organized crime and specialization. What they are describing is mature capitalization with job specialization moreso than organized crime. They are limiting themselves to groups where amateur data thieves require specialists to perform higher risk elements of cashing out, using the stolen data. The real elements of organized crime are the ones where traditional non-cyber groups hire computer experts to get data, and move money through traditional, well-established means. These groups are the ones going after high profile money and you'll never see anything online about them until a law enforcement case brings them down.
The central role of Google by Animats · 2008-07-15 04:56 · Score: 3, Insightful
Google is an integral part of today's online scams. Google provides material support to scammers, and helps collect the money.
- Gmail - provides free, anonymous communication with scammers and large numbers of e-mail accounts for spammers.
- Blogger/Blogspot - provides redirection to hostile sites.
- YouTube - hosts instructional videos on how to scam.
- Google AdWords - runs paid ads for services needed by scammers, such as "bulletproof hosting".
- Google Checkout - collects money for scam tools.
Google's proliferation of low-security services makes it easier for scammers to operate, and to hide. If they had to buy those services from a hosting company, there'd be a money trail to follow back to the source. Using Google's free, unauthenticated services makes it easier for the operator to conceal their identity.
It's full-service evil.
1. Re:The central role of Google by moxley · 2008-07-15 06:19 · Score: 2, Insightful
  
  Surely you're being facetious. Thank god we have free and anonymous services on the web.
  What, you'd prefer to live in a world where you couldn't be anonymous online?
  Your argument soudn like you're saying this is a bad thing and everything everyone does online should be id verified.
  Fuck that.
  We're going to have a hard enough time preventing that from happening thanks to the fascism creep going on in our sick system as it is.