Many people consider cyber criminals to be loners working away in their bedrooms and attempting to infiltrate the network or system of another user. No doubt, the generalised “cyber geek” exists, but there is a lot more to the area than that.
One of the big issues – at least before the rise of Anonymous, Lulzsec and the flashmob style hacking groups – has been the proliferation of “carder” sites. Essentially, these are used to deal in credit or debit card details. The sites are fairly secure, the communities are obviously aware of the risks, and potential new users have to show their worth by providing new details of between 5 and 10 stolen credit cards.
Obviously the primary function of such sites was the sale of card details. But they would also sell packages in relation to gaining sole access to stolen accounts. You can buy a “phishing kit” which could allow you to set up a fake bank website and send out many thousands of emails from a well known bank, requesting users enter their account details for a variety of reasons. You can also buy access to a proxy server, which would allow you to redirect your internet traffic through an off-shore or untraceable server, in order that tracking down the culprit is made much more difficult. There is also “malware” for sale that will infiltrate the recipient system and lay dormant until it recognises bank login details, account numbers or other financial information, which is harvested and sent back to the owner of the malware. You can even buy enough personal details about a person that you can fraudulently open a bank account in their name.
The criminal networks have become so developed that unwitting mules are often used to launder the money. Again, this relies on spam emails, this time advertising decent pay for people carrying out work on their home computer. Those who sign up then receive lump sum payments, supposedly for their work, from which they are told that they should forward a certain amount to the parent company, less their commission.
These sites are a significant problem. While prosecutions of such networks are ongoing, the biggest catch in theUKyet was that of DarkMarket in2010to which was attributed a fraud worth tens of millions of dollars. Renukanth Subramaniam, known as JiLsi on the site, was investigated by the Serious Organised Crime Agency and eventually received a 5 year prison sentence for his involvement in the running of the site. There were 60 other arrests worldwide.
No doubt there are geeky cyber criminals sitting in their bedrooms trying to hack into Government websites, but cyber crime is now prevalent across society and there is the involvement of organised criminal gangs operating in a manner similar to traditional mafia.
It’s not all about geeks.