Cybercrooks Surpassed Old School Bankrobbers In '09

krebsonsecurity writes "Organized cyber-criminal gangs stole $25 million in the 3rd quarter alone last year, by pilfering the online bank accounts of small to midsized businesses, the FDIC reported last week. In contrast, traditional bank robbers hauled just $9.4 million in 1,184 bank robberies during that same period, according to an analysis of FBI bank crime statistics by krebsonsecurity.com. From that story: 'The federal government sure publishes a lot more information about physical bank robberies than it makes available about online stick-ups. Indeed, the FBI's bank crime stats are extraordinarily detailed. For example, they can tell you that in the 3rd quarter of last year, bank robbers were more likely to hold up their local branch between the hours of 9 a.m. and 11 a.m. on a Wednesday than at any other time or day of the week; they can tell you the number of tear gas and dye packs taken with the loot, the number of security cameras activated, the number of food stamps taken, even what percentage of suspected perpetrators had illegal drug habits at the time of the robberies. About the only thing the stats don't tell you is what brand of jeans the perpetrators were wearing and whether the getaway car had cool vanity plates. What do we get about e-crime statistics from the federal government? One guy from the FDIC giving a speech at the RSA conference."

Saw the ethief coming...

[aleqi_njbp]

Since only 3% of all dollars exist as paper money you knew this one was coming. If thieves only robbed the paper money they would be limiting their money pool they steal from.

Re:Saw the ethief coming...

As a former teller, I can tell the /. crowd that robbing a bank physically is one of the stupidest things you can do. Unless you do a military style takedown (which takes substantially longer and is much more dangerous than handing a note to a teller) you get away with 10k at the very best. The "vault" in many cases doesn't hold more than a couple hundred thousand... and that's a large branch during Christmas. The thing idiot bank robbers don't realize is that the more money a bank has sitting in the branch, the more capital is in use and the less the bank can loan, so the bank's return on capital go down the more money they have sitting in branches, essentially doing nothing for the shareholders.

The stacks of money you see in movies are about as realistic as the hacking scenes in most movies. If you're going to be a blight on society, eHacking is the way to go... but as someone who's seen some aspects of bank IT security from the inside, I wouldn't recommend that either.

Re:Saw the ethief coming...

[rcamans]

All businesses (except banks) will tell you that they lose more thru employee theft than outsider theft. But banks do not want you to know how bad it is, so they keep it quiet. I dated a girl who was a bank teller. She told me that she felt she deserved nice clothes, so she would keep some of the deposits. After $2,000 or so, the bank would catch her and let her go (not get their money back). No report to the police, nothing. Since her only job skill was bank teller, she would just get a job at a different bank...
$25M was reported to the feds, but how much went unreported?

How long until...

[sophomoric]

How long until Comp Sci majors are considered more at-risk to be future criminals than the football team?

Re:How long until...

[Nadaka]

Already there. I don't tell people about what I do for two reasons:

1: they want me to fix their computer.
2: they ask me if I can hack into government computers to prove UFO's exist.

Re:How long until...

[AndrewNeo]

I feel sorry for you. I usually just get stuck with the first one.

Hostages..

[QuantumRiff]

I wonder how many hostages have been injured/shot in a cyber stickup gone bad?

Perhaps that might explain their focusing more on physical bank robberies? I mean cmon.. the banks have insurance to cover the actual money lost, don't they?

Re:Hostages..

[rhsanborn]

I suspect the banks do have insurance that covers the loss during a robbery. I also suspect that the small to mid-size businesses don't have insurance that covers someone logging in and emptying their bank accounts, which can sink a small company.

Re:Hostages..

[Jer]

I believe that the point the the OP is making is that more people die in physical bank robberies than in online robberies. Hence the extra focus of the FBI on stopping physical robberies over online robberies.

Re:Hostages..

[jafiwam]

The affected parties are different between the two types of crimes;

Robbing a bank is the equivalent of stealing from the FDIC.

Looting an account is the equivalent of emptying a cash register or wallet.

The "little guy" takes the hit in the latter case, whereas in the former, the direct hit gets absorbed by a larger entity.

Just try to get your money back from PayPal, or a phishing attack, or cloned debit card once to find out how "stuck" you are as the little guy.

Re:Hostages..

[houghi]

reminds me of the "The Stainless Steel Rat" series of books, where the main character explained that robbing banks was a GOOD thing for all of the following reasons:
1) The police has something to do
2) The newspapers have something to write about
3) People get some excitement in their lives
4) The insurance will cover everything
5) He spends the money and puts it back in the economy

So as long as nobody gets hurt, he does everybody a favour.

Re:Hostages..

[Cornwallis]

the banks have insurance to cover the actual money lost, don't they?

Anymore that's the U.S. taxpayers...

Re:Hostages..

[HungryHobo]

and if you outlawed password crackers and port scanners online robberies wouldn't happen.

Re:Hostages..

[Red+Flayer]

Hah. Go ahead and read any of Hoover's biographies, if it makes no sense to you. Times aren't that different now. There are still turf wars going on.

The creation of the DHS was supposed to smooth those out, but has been very ineffective in doing so.

Huh

[macemoneta]

When I looked at the numbers, all I could think of was "that wouldn't even come up to a good bonus at Goldman Sachs".

Which ones are the bank robbers again?

Re:Huh

[TheLink]

Yeah, why are we worrying so much about bank robbers. They're small potatoes. As long as they don't kill or hurt anyone how much $$$ can they take? Laughable amounts for the jail time and risk.

In contrast:

http://www.nytimes.com/2009/07/24/business/24trading.html

Quotes:

Multiply such trades across thousands of stocks a day, and the profits are substantial. High-frequency traders generated about $21 billion in profits last year, the Tabb Group, a research firm, estimates.

"But we're moving toward a two-tiered marketplace of the high-frequency arbitrage guys, and everyone else. People want to know they have a legitimate shot at getting a fair deal. Otherwise, the markets lose their integrity."

See also this:

http://www.youtube.com/watch?v=hXBcmqwTV9s

http://www.youtube.com/watch?v=mzJmTCYmo9g

OK it's comedy, but so is the real world situation in a way (except more tragic).

Re:Huh

[Syberz]

When I looked at the numbers, all I could think of was "that wouldn't even come up to a good bonus at Goldman Sachs".

Which ones are the bank robbers again?

Goldman Sachs aren't robbing banks, they're using banks to rob us.

Re:Huh

[savanik]

This was actually predicted some time ago, in a Cyberpunk 2020 supplement. I forget which one exactly, I think it was 'Listen Up, You Primitive Screwheads!'

"Back in the late twentieth century, the average short term loan's length was 30 days. In 2060, the average term is 30 seconds. What can you do in 30 seconds? If you hop on a fast bike, you might make it part of the way down the street. But I can take that thirty-second loan and make enough money to buy a South Sea island, complete with mansion and Playboy bunnies to serve my every whim through a little miracle called currency arbitrage."

Quote is approximate.

Re:Huh

[ixidor]

in soviet-amerika, Goldman Sachs robs you ?

why do people hack bank accounts?

[conspirator57]

because that's where the money is.

Re:why do people hack bank accounts?

[TheLink]

> why do people hack bank accounts?

Because they're too stupid to be investment bankers, or their conscience would bother them...

Re:why do people hack bank accounts?

[conspirator57]

i don't disagree with you, i was just revamping the old canard about robbing banks.

http://www.fbi.gov/libref/historic/famcases/sutton/sutton.htm

Comment removed

[account_deleted]

Comment removed based on user account deletion

Seems low, doesn't it?

[beakerMeep]

Compared to the GDP of the US in 2009 ($14.26T) that's what, like 0.0007% ? *


*Disclamer: that's internet math, some of the logic could have been stolen/pilfered.

And that's not all...

[Cornwallis]

They're real cagey about how much is pilfered by bank employees. That's where most of the loss comes from.

Of Course

[carp3_noct3m]

"Cyber-Crime" has the majority of the benefits of a traditional robbery without many of the downfalls. For those of you who don't know, ATM skimming in the US is even more prevalent and more harmful, and the majority of e-crime originates in OCONUS. The thing is, it is easy to get bank and CC info in the dark underbellies of the internet, the hard part is turning that info into money you can use. That's why large bot-net operators skim large amounts of data, and organize by "value" for example a black card will sell for 150+ $. Usually they try to sell in bulk, to someone else, who then hires a cashier, or someone who can basically "launder" the money back (with various methods, E-gold, offshore gambling, etc), often these cashiers charge over 50 points or more, because that is where the real danger is. The point is, even if you start somehow nabbing or stopping the cashiers, you still have the botnet ops and the real person making the money in the background. Again, most of this being from countries like Russia (stereotypes do exist for a reason sometimes). Want to stop cybercrime? Start making financial institutions at least attempt at having security protocols in place that can stop this sort of thing, and do something to educate and simplify secure computing for the consumer.

Not even a blip.

[Hatta]

$25 million, roughly 100 million all year. Are you kidding? The financial industry extorted hundreds of billions of dollars from the tax payer in 2009. If this is the cybercrime menace we're supposed to be afraid of, I'm not. I'm much more worried about legalized theft by men in suits.

FBI underestimates white-collar crime

[Animats]

My guess is that the government doesn't publish the statistics because

No, it's an institutional bias at the FBI that dates back to J. Edgar Hoover. The FBI's Uniform Crime Reports hugely underestimate white collar crime. Violent crime is tallied based on police reports, regardless of whether anyone is arrested. White collar crime is tallied based on arrests. Scams with large numbers of victims who didn't lose much each don't get tallied at all.

In dollar volume, white collar fraud dwarfs all other categories. Losses from the Madoff scam, or the Enron scam, were each greater than an entire century or so of physical bank robberies.

Robbery is a dying industry, anyway. Breaking into houses is almost obsolete. What's worth stealing? Nobody has silver any more. Used consumer electronics has zero to negative value. Any TV worth stealing is too big to lift. Used furniture is nearly worthless. Few people keep much cash around. Auto theft is at a 20-year low - between OnStar and LoJack, stealing cars as a career doesn't work for long.

I thought organized crime...

[ls671]

I thought that organized crime had moved to cyber-robbing a long time ago so is this really news ? I am just wondering...

The 9.4 millions robbed in a conventional way are probably due to poor, "un-organized" people ;-))

When you say cybercrooks, do you include

[aaandre]

When you say cybercrooks, do you include financial institutions that

1. Practice coputer-managed microtrading using the advantage of their high-availability data streams, proprietary software and huge capital (other people's money) to squeeze profit from the market without contributing anything positive to anybody or anything?

2. Create financial instruments and products with the only purpose to use legal loopholes for profit?

3. Use usury to create perpetual profit from everyone who borrows other perople's money from them, practically causing enslavement?

Just wondering.

Small fry

[Wonko+the+Sane]

The real crooks extorted $24 trillion from a sovereign nation by threatening elected officials with martial law.