Most films would have us believe the world of cybercrime is very much a solitary one; a lone hacker who’s a complex technical wizard sitting in front of their computer and taking down ‘the system’. While there’s some truth in that, professor of criminal justice Thomas Holt says in most cases, hackers need to work together.
Holt is the co-author of new research out of Michigan State University which identifies common attributes of cybercrime networks and reveals how these groups function and work together.
He told Jim Mora that typically, cybercrime networks develop malicious software; tools that can be used to automate hacking.
He says the networks are much looser than the hierarchical structure of a gang, for example, and there may be a group that hacks together for a year or two before moving on.
But, “hackers need one another,” says Holt.
“For example, if I am able to acquire a million credit card numbers, there’s no way I can use even a tenth of that data myself and so I might monetise it, I might try to sell clumps of that data to other people.”
It’s a division of labour that can be relatively complicated, he says.
“That’s especially true when we’re thinking about some of the specific either malware or financial crimes, so if I write… code, I may be a very adept programmer but I have a specialisation and so if my area connects with yours, and if we work together, we can create a more sophisticated tool, then that means that there’s value in us collaborating.
“If we’re thinking about some of the broader scale phishing operations, if I’m trying to get banking logins and passwords from users then once I acquire those credentials, I may have to initially send out an email, I may have to create a webpage that looks like the financial institution I’m targeting.
“Once I get all those credentials down, then I have to find a way to use them, so I may work with another person to try and pass those accounts through, and start using the information or I may create a network of money mules, people who can help me move money from account to account…”
Increasingly in cyber-crime people are offering services on demand, in online markets on forums, he says.
“It’s a lot like online shopping, the only difference is you’re buying highly illegal information or services.”
For financial institutions, cyber-attacks pose a big problem.
“When we think about the nation state threat, it’s slightly different, we don’t see as many targeted attacks against financial institutions by nation states aside from, say, North Korea.”
But the impact is still significant, he says.
“Anytime there’s a hack that compromises either a country or a company’s operational readiness or limits their ability to get things done, that has a dramatic impact.”
He says when you start to look closely, you can see there are more and more attacks either targeting sensitive information compiled by governments over a long period of time or attempts to compromise electrical grids, critical infrastructure and important resources.
It’s this type of attack that can cause a loss of human life, he says.