Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cybercrime Organizational Structures Evolve

timothy posted more than 6 years ago | from the cyber-cyber-cyber-cyber dept.

Security 70

An anonymous reader writes "The latest findings of a report explore the trend of loosely organized clusters of attackers trading stolen data online being replaced by hierarchical cybercrime organizations. These organizations deploy sophisticated pricing models, crimeware business models refined for optimal operation, crimeware drop zones, and campaigns for optimal distribution of the crimeware. These cybercrime organizations consist of strict hierarchies, in which each cybercriminal is rewarded according to his position and task."

cancel ×

70 comments

Sorry! There are no comments related to the filter you selected.

Can't be true! (3, Funny)

Corporate Troll (537873) | more than 6 years ago | (#24195877)

They must be intelligently designed! ;-)

Coming the fall to HBO (5, Funny)

Anonymous Coward | more than 6 years ago | (#24195917)

The Sopr0nos.

Re:Coming the fall to HBO (1, Interesting)

Mooga (789849) | more than 6 years ago | (#24196177)

I don't see how this is "New News." I have heard several public government speakers in the past that talked about how cyber crime it based on the Mafia hierarchy.

Re:Coming the fall to HBO (1)

omnichad (1198475) | more than 6 years ago | (#24196239)

*woosh*

Re:Coming the fall to HBO (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24196493)

He's not missing the joke, he's position whoring.

Re:Coming the fall to HBO (0, Redundant)

Mooga (789849) | more than 6 years ago | (#24197731)

In my own defence, it was sorta legit...

Re:Coming the fall to HBO (-1, Offtopic)

utopianfiat (774016) | more than 6 years ago | (#24198207)

If having bad grammar and being offtopic and unfunny is what qualifies for legit these days, then yes.

Re:Coming the fall to HBO (1)

utopianfiat (774016) | more than 6 years ago | (#24256409)

mods = fags.

Re:Coming the fall to HBO (3, Funny)

cayenne8 (626475) | more than 6 years ago | (#24196481)

Yeah..I was thinking something like the Sopranos meets the Geek Squad....

As someone who read that as (1)

pxc (938367) | more than 6 years ago | (#24197479)

the Sopranos meet the Geek Squad

My first thought was "Sweet justice."

Good news (5, Insightful)

oodaloop (1229816) | more than 6 years ago | (#24196043)

Hierarchial organizations are much easier to attack.

Re:Good news (4, Funny)

TubeSteak (669689) | more than 6 years ago | (#24196329)

Hierarchial organizations are much easier to attack.

This type of organization will be even easier to attack than usual, because there's no loyalty on the internet and no possibility of physical retribution.

http://www.realinternetmafia.com/ [realinternetmafia.com]
They're not going to break your legs.

Re:Good news (1)

xonar (1069832) | more than 6 years ago | (#24198721)

"01/01/2005 UPDATE: TODAY IS THE NEW YEAR. 2006 is going to be the awesomest year yet for the Internet Mafia. If you think the internet mafia is going to fade away then you better get a life you retard. the Internet Mafia makes the internet go round. HERE ARE THE INTERNET MAFIA'S 2006 NEW YEAR RESOLUTIONS. "
-Most recent post from the realinternetmafia.com

It looks like this has already happened ;)

Re:Good news (3, Insightful)

tchiseen (1315299) | more than 6 years ago | (#24196421)

It's much like fighting a conventional enemy versus fighting guerrilla militias. That being said, organization breeds efficiency, and facilitates larger operations.

O RLY? (1)

mcmonkey (96054) | more than 6 years ago | (#24200425)

That being said, organization breeds efficiency

There's a documentary on that very subject you should see.

It's called Office Space

Re:Good news (4, Funny)

Marillion (33728) | more than 6 years ago | (#24197029)

I'm suddenly reminded of the line from the movie "Sneakers."

Cosmo: There I was in prison. And one day I help a couple of older gentlemen make some free telephone calls. They turn out to be, let us say, good family men.

Martin Bishop: Organized crime?

Cosmo: Hah. Don't kid yourself. It's not that organized.

Re:Good news (1)

sgt_doom (655561) | more than 6 years ago | (#24207197)

Gee...for the good old days of "criminal cooperatives".....

Re:Good news (1)

gronofer (838299) | more than 6 years ago | (#24209387)

Gee...for the good old days of "criminal cooperatives".....

The new way doesn't sound like a lot of fun to me. If all you get is bureaucracy and a pay scale, you may as well work for the government.

I wonder if there are any special fringe benefits for the rank-and-file cybercriminal.

Spam Reorg Notification? (5, Funny)

Massacrifice (249974) | more than 6 years ago | (#24196071)

Are they going to start sending notifications of their organizational change through spam, just like my current corporate VPs like to do through e-mail?

"The organization changes announced by Boris Brezgnoff represent a positive signal to all of our stakeholder groups - investors, clients and especially zombie PC owners - that we are repositioning our african operations to pursue accelerated growth. These changes will facilitate the cross-pollination of expertise we have developed across Nigeria. These changes will also enable further refinement of our global delivery strategy as we increase intra- and inter-business unit communication and pursue cross-business unit opportunities.

To deliver on this strategy and in recognition of their contribution to our past growth, the following leadership changes will be effective as of July 15, 2008:

Ivan Lebovich will assume the position of DDOS Extortion Vice President, Southern Hemisphere. Ivan's deep understanding of all of our services - particularly our Tier 2 and Tier 3 business - and his ability to develop strong relationships with key accounts will help expand our penetration of clients based in the southern hemisphere. His passion for the global delivery of our IT services and his excellent ongoing relationship with our primary nearshore USDS (Untraceable Spam Delivery System) accounts - South Africa and Malaysia - ensures the effective management of this critical delivery centre. I personally want to thank Ivan for his many years of dedicated service to the FIRM (Free Internet Russian Mafia) and look forward to working with him as he takes on this promotion to business unit leader."

The FIRM responds... (1)

MRe_nl (306212) | more than 6 years ago | (#24196283)

First, it's important to clarify that as far as I'm aware, we're not in the business of compromising networks or gaining access to other systems without just cause. When there is a clear threat to security, we then employ legal and just means to deal with that threat. Also, I'm not able to discuss specific methods that we might or might not be employing but only speak in terms of concepts and capabilities that we should have in order to be successful conducting operations in cyberspace. If you have insights and skills that might broaden our capabilities in this arena, I encourage you to consider joining the emerging FIRM cyber-workforce.
YT
Boris Brezgnoff

Re:The FIRM responds... (1)

cryptodan (1098165) | more than 6 years ago | (#24197091)

First, it's important to clarify that as far as I'm aware, we're not in the business of compromising networks or gaining access to other systems without just cause. When there is a clear threat to security, we then employ legal and just means to deal with that threat. Also, I'm not able to discuss specific methods that we might or might not be employing but only speak in terms of concepts and capabilities that we should have in order to be successful conducting operations in cyberspace. If you have insights and skills that might broaden our capabilities in this arena, I encourage you to consider joining the emerging FIRM cyber-workforce. YT Boris Brezgnoff

Sounds like the recent FISA Law, and Bush's speech towards it.

it's actually Lt. Col. John Bircher, (1)

MRe_nl (306212) | more than 6 years ago | (#24205499)

head of the U.S. Army Computer Network Operations (CNO)-Electronic Warfare (EW) Proponent's Futures Branch, in a recent slashdot interview.
Both "organisations" (the military & the criminal) seem to be "cybering-up" massively.
 

Re:Spam Reorg Notification? (0)

Anonymous Coward | more than 6 years ago | (#24196557)

You are way too good at that...

FeeBay? (1)

wild_quinine (998562) | more than 6 years ago | (#24196091)

Honestly, if these guys don't start talking about Ebay and Paypal with a little more respect, they're going to get slammed with a libel suit.

And kneecapped, obviously.

Website protection rackets (2, Interesting)

bornyesterday (888994) | more than 6 years ago | (#24196149)

Ok buddy, this is how it's going to work. You're going to pay us 10% of the profits you get off your google ads. What we're going to do for you is make sure that no one else is out there pushing in on your corner of the market. We'll even set up a bunch of other sites that refer people to your site to increase your business.

If you don't pay up, we'll vandalize your page, buy your domain out from under you and unplug your server.

Re:Website protection rackets (3, Funny)

plasmacutter (901737) | more than 6 years ago | (#24196261)

Sorry, Viacom is still waiting on the ruling which will allow them to do this.

oh, and at least TFA doesn't lump p2p in there.

Re:Website protection rackets (1)

Fred_A (10934) | more than 6 years ago | (#24198725)

That search page of yours looks mighty combustible... with all them dry links lying around...

Like just a match in the wrong place and it could go up like nothing. We wouldn't want that now would we ?

Re:Website protection rackets (1)

mapkinase (958129) | more than 6 years ago | (#24201345)

I still cannot figure out why the threat of vandalizing a server works better than a threat of breaking both wrists.

Scientists Discover: +1, Incendiary (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#24196159)

exposure to sun causes skin cancer.

Wake me when Obama becomes President of the United Gulags of America.

Cordially,
Kilgore Trout

RTFA (4, Informative)

CmdrGravy (645153) | more than 6 years ago | (#24196237)

Now I know why I don't generally bother reading these articles. This one has to be one of most cursory and pointless articles I have read in a long long time.

Re:RTFA (1)

spydum (828400) | more than 6 years ago | (#24196359)

Seconded -- I kept searching around for the second page..

Prior Art (1)

Punko (784684) | more than 6 years ago | (#24196271)

Vetinari recognized that crime was inevitable. But if you were going to have crime, make it organized crime. I believe there was a point where Vetinari made the thief's Guild realize that instead of fighting over a slice of the pie to make more money, take a reasonable slice, and then make the pie bigger. Sound like life imitating art.

This is a Pratchett reference (4, Insightful)

Kupfernigk (1190345) | more than 6 years ago | (#24196855)

In the Discworld, the ruler of Ankh-Morpork deals with crime by making it into a Guild, which then ensures that crime stays at an acceptable level by permanently removing unlicensed criminals. It is not only a satire on the Mafia, it is a satire on corrupt police forces and insurance companies (the criminals do not have protection rackets per se, they offer insurance against their own activities).

The study of crack dealers mentioned in Freakonomics showed a heirarchy similar to any US corporation, with the lowest level getting about the same hourly rate as in McDonalds. There really is no hard and fast line between organised business and crime, just degrees of criminality ranging from (say) welfare friendly food providers on the West Coats down to crack dealers. As Enron and Bear Sterns have shown us, size and visibility is no guarantee of legality.

Sounds like the warez scene to me (0)

Anonymous Coward | more than 6 years ago | (#24196317)

Same shite

warez, organized crime, terrorists, all the same evil mindset

What's old is new again (0)

Anonymous Coward | more than 6 years ago | (#24196351)

Anyone remember the more professional warez groups in the 90s?

President - (Coordinates 0day with asian pirate houses)
VP - (Gets new games, manages crackers)
VP - (Handles distribution, manages couriers and ftp sites)
Crackers - (Remove copy protection )
Couriers - (Package game in group format, shuttle payloads to various sites)
Distro Site Admins - (Administer high-bandwitdth ftp sites)

Various dead drop sites, various payment structures, huge channel of buyers/resellers, etc. etc.

or the loose ones use rapidshare, megaupload (0)

Anonymous Coward | more than 6 years ago | (#24198347)

Two places where the loose, unorganized if you will, pirate distributes warez. All the torrents but more easily tracked if you use those, but not so easily fooled into trojans and other malware as rapidshare, which is 99.999% malware.

Re:or the loose ones use rapidshare, megaupload (0)

Anonymous Coward | more than 6 years ago | (#24202213)

But think of the GBs of free stuff! 0.001% of GBs is Worth it to me.

sophisticated pricing models (4, Funny)

ypctx (1324269) | more than 6 years ago | (#24196355)

casino ddos extortion pack mini: $5,000
extra annoyment (100% cpu) for zombie computer owners: +$20
tarpit iptables rule workaround: +$30
24/7 phone support: +$300
lunch with PharmaMaster: $5m

Re:sophisticated pricing models (0)

Anonymous Coward | more than 6 years ago | (#24197165)

kicking PharmaMaster right in the nuts: priceless!

Re:sophisticated pricing models (0)

Anonymous Coward | more than 6 years ago | (#24203067)

I wish people would stop saying

blah1 x$
blah2 y$
blah3 priceless

It comes from a commercial, it hasnt been funny for a long time and its as annoying as spam.

Re:sophisticated pricing models (0)

Anonymous Coward | more than 6 years ago | (#24200533)

the satisfaction of locking ex-municipal employer = priceless

there are some things you cant buy...

Well DUH! (1)

MoonlightSeraphim (1253752) | more than 6 years ago | (#24196385)

So why are the officials surprised? The structures that fight the crime become more organized so it is expected for the latter to do the same. Cause and effect.

The Real Question Is... (0)

Anonymous Coward | more than 6 years ago | (#24196543)

How do you level up?

Organized crime (3, Insightful)

xgr3gx (1068984) | more than 6 years ago | (#24196795)

It never ceases to amaze me that even the lowest of the low scumbag criminals can form crime rings and organize into a hierarchical management structure.
And it's always been that way.
The booze runners of the 20's and 30's to the crack dealers of the 80's, and everything before and after.
They have pretty much corporate org charts.
I guess it's human nature to follow the rules/leader. Some just choose different sides of the law.

Re:Organized crime (0)

Anonymous Coward | more than 6 years ago | (#24203435)

It never ceases to amaze me that even the lowest of the low scumbag criminals can form crime rings and organize into a hierarchical management structure.

Actually to me this behavior started to make a lot of sense when I stopped thinking in terms of morals. (Reading Nietzsche helps a lot here!) Morals are purely subjective as they cannot be logically deducted from anything objectively observable. Instead I started thinking in terms of evolution. People do what is best for their own survival. A beneficial behavior for one individual sometimes breaks rules made by other individuals. Those rules on the other hand are designed, whether on purpose or not, to benefit the rulemakers survival.

Re:Organized crime (0)

Anonymous Coward | more than 6 years ago | (#24209005)

What exactly does being a "scumbag" have to do with intelligence or competency? I'm morally bankrupt and I make the average above average individual look like a trained chimp.

Sounds like Uplink (2, Interesting)

sp332 (781207) | more than 6 years ago | (#24197003)

Does anyone remember Introversion's little hacker game, Uplink?

You worked as a (mostly malicious) contract hacker for a corp called Uplink, creating and editing identities for clients, stealing and deleting data, and transferring large sums of money in exchange for a bounty proportional to the difficulty/danger of being caught.

Looks very similar to this situation.

Just checked - you can still buy Uplink on Steam for $10.

Re:Sounds like Uplink (0)

Anonymous Coward | more than 6 years ago | (#24197331)

Just checked - you can still buy Uplink on Steam for $10.

There are mods and utilities for that game that just don't work on the Steam edition. If you're going to plunge, go all the way and buy the conventional version.

Re:Sounds like Uplink (1)

sp332 (781207) | more than 6 years ago | (#24200427)

Thanks for the tip - the mods were the best part!

Re:Sounds like Uplink (1)

HungryHobo (1314109) | more than 6 years ago | (#24197907)

I loved that game, some of the mods were fantastic and it doesn't age like many games do since it was never flashy on the graphics front.

Re:Sounds like Uplink (1)

ikkonoishi (674762) | more than 6 years ago | (#24198517)

Yeah but the steam version doesn't work with the mods that modify the binary. Fortunately it is possible to get them working though if you don't mind lowering your neuromancer rating a little if you get my drift.

If you buy a game about hacking... (0)

Anonymous Coward | more than 6 years ago | (#24200119)

...then didn't you already fail the first mission?

another garbage press release (4, Insightful)

mambosauce (1236224) | more than 6 years ago | (#24197055)

Aside from people's general comments that this is both obvious and many other people have already presented this type of information before I think their assessment is inaccurate. First of all their numbers make it obvious that they are only monitoring semi-open forums and not completely closed ones. Additionally their data looks like it is US and Russia-centric, not focusing on the numerous markets that exist in Ukraine, Bulgaria, Romania, Poland, western Africa and South America. Plus overall they are mixing up organized crime and specialization. What they are describing is mature capitalization with job specialization moreso than organized crime. They are limiting themselves to groups where amateur data thieves require specialists to perform higher risk elements of cashing out, using the stolen data. The real elements of organized crime are the ones where traditional non-cyber groups hire computer experts to get data, and move money through traditional, well-established means. These groups are the ones going after high profile money and you'll never see anything online about them until a law enforcement case brings them down.

Re:another garbage press release (1)

rootooftheworld (1284968) | more than 6 years ago | (#24213723)

Bai Ganjo (the very essence of Bulgarians through the generations) shouts Bulgar!!Bulgar!!Bulgar!!

In reverse (0)

Anonymous Coward | more than 6 years ago | (#24197493)

In reverse hierarchy, this post is the...wait for it...First Post! W00T

When I saw the words "organized" and "cybercrime" (0)

Anonymous Coward | more than 6 years ago | (#24198039)

...I thought that this had something to do with the robot mafia.

I think I've been watching too much Futurama

Re:When I saw the words "organized" and "cybercrim (0)

Anonymous Coward | more than 6 years ago | (#24198577)

this had something to do with the robot mafia.

Nice set of stairs you've got there. Would be a shame if someone were to be shoved down them.

What I want to know is.... (1)

mwilli (725214) | more than 6 years ago | (#24198359)

if this is similar to a 'mob' type hierarchy, who is the godfather?

Put them in charge! (1)

PPH (736903) | more than 6 years ago | (#24198565)

The last law abiding corporation I worked for promoted based upon blood lines and/or an employees ability to hang from the ceiling by their lips.

The central role of Google (3, Insightful)

Animats (122034) | more than 6 years ago | (#24198657)

Google is an integral part of today's online scams. Google provides material support to scammers, and helps collect the money.

Google's proliferation of low-security services makes it easier for scammers to operate, and to hide. If they had to buy those services from a hosting company, there'd be a money trail to follow back to the source. Using Google's free, unauthenticated services makes it easier for the operator to conceal their identity.

It's full-service evil.

Re:The central role of Google (2, Insightful)

moxley (895517) | more than 6 years ago | (#24200169)

Surely you're being facetious. Thank god we have free and anonymous services on the web.

What, you'd prefer to live in a world where you couldn't be anonymous online?

Your argument soudn like you're saying this is a bad thing and everything everyone does online should be id verified.

Fuck that.

We're going to have a hard enough time preventing that from happening thanks to the fascism creep going on in our sick system as it is.

Re:The central role of Google (0)

Anonymous Coward | more than 6 years ago | (#24203647)

It's full-service evil.

Depends on whether you like the government to know everything. Some say it's full-service good.

Gangs & McDonald's (1)

Fuseboy (414663) | more than 6 years ago | (#24199343)

Reminds me of Freakonomics, in which Levitt discusses how drug-dealing gangs' organizational structure mirrors that of McDonalds.

The invisible hand (1)

ichigo 2.0 (900288) | more than 6 years ago | (#24199907)

Where there is demand, someone will supply. Regardless of government attempts to intervene.

What are these crooks thinking? (1)

ROU Nuisance Value (253171) | more than 6 years ago | (#24202699)

If they're going corporate, they've lost the thread: "No sense being a grifter if it's just like being a citizen." -- Paul Newman, playing confidence man Henry Gondorf in "The Sting".

In my first hand experience (0)

Anonymous Coward | more than 6 years ago | (#24207153)

Having read nothing but the summary: Article is full of shit. Crimeware? New?

The carding scene relies on vetting through a combination of the forum administration vouching, and feedback by long standing community members.

The drug dealing scene relies on vetting via social connections. The only difference between "cybercrime" and normal crime is the processes of establishing credibility, and the methods necessary to protect yourself from law enforcement.

The threat of physical harm is as real with cybercrime as it is with normal crime as you move up the ladder and severity of crime.

NONE of this is new and has all been going on for nearly a decade. The only change is increasing caution due to the intricate stings that law enforcement has demonstrated themselves to be willing to conduct.

Huh? (1)

marco.antonio.costa (937534) | more than 6 years ago | (#24209179)

What the hell is 'crimeware'?

Thank you Microsoft (1)

Breakable (1323131) | more than 6 years ago | (#24209327)

Thank you Microsoft for enabling this with Windows!

T(Real)FA .. the actual report (0)

Anonymous Coward | more than 6 years ago | (#24209697)

Why hasn't anyone posted this already? The article linked from the post is useless, and that's being kind.

The actual Finjan report can be downloaded here. Requires you answer a survey before downloading. http://www.finjan.com/content.aspx?id=1994&objid=620 [finjan.com]

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>