Story image

Cybercrime now affecting more people than any other crime

16 May 18

The absurd and unrealistic forecasts seen in many Hollywood films have become reality.

According to the United Kingdom’s National Crime Agency, organised cybercrime is now affecting more people than any other form of crime – including drugs, firearms, organised immigration crime, and money laundering.

Not because it is replacing these other forms of cybercrime, but rather because it is aiding them.

National Crime Agency director general Lynne Owens says these alarming findings require change, with the focus on being smarter with data.

“This requires us to think differently about how we build capability in response and one of the purposes of this assessment is to inform that necessary strategic refocus,” says Owens.

“Fundamentally it must also shape our operational response and we will continue to build on the outstanding operational results of the last year as we undertake investigations at the high end of high risk. In doing so, we value the support of our operational colleagues with whom we work (often in support of one another) as they help us achieve this.”

The report affirms the rise of cybercrime is being fuelled by the exploitation of new technologies like encrypted communications and dark web marketplaces.

Complimenting these findings is an academic study released by Bromium and conducted by Surrey University senior lecturer in criminology Dr Mike McGuire (titled the Web of Profit) that delves into the revenues that cybercrime actually brings in.

Cryptocurrency is increasingly the currency of cybercriminals as its blockchain technology is virtually untraceable, making it the perfect method of money laundering. The Bromium report found that around a quarter of property payments are expected to be made in cryptocurrency within the next few years.

Bromium CEO Gregory Webb says the threat of crime to businesses and people is growing and dark web platforms like Tor and the Invisible Internet Project offer criminals a way to evade law enforcement and commoditise cybercrime and other activities, like the sale of guns and drugs.

“This platform criminality model is productising cyber threats and making cybercrime as easy as shopping online,” says Webb.

“Not only is it easy to access cybercriminal tools, services and expertise: it means enterprises and governments alike are going to see more sophisticated, costly and disruptive attacks. It is equally easy for them to wash that money and convert it into cash – and the rise in use of unregulated, virtual currencies is making this even easier.”

Further findings from the report include:

  • 20 percent of cybercriminals interviewed (from a sample of c. 100 first hand interviews) admitted to channelling revenues into the production of drugs and human trafficking
  • 57 percent of dark web activity is now associated with trading drugs
  • AlphaBay – one of the largest illicit marketplaces in history – was found to have over 250,000 listings for illegal drugs and firearms when it was taken down
  • 95 percent of money mule activity has links to cybercrime

“We can’t solve this problem using old thinking or outdated technology. By focusing on new methods of cybersecurity that protect rather than detect, we believe we can make cybercrime a lot harder, allowing organisations and the security industry to disrupt this web of profit,” Webb concludes.

Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.
Different approach to malware detection needed – VMware
Security needs to move away from the traditional approach of chasing after arbitrary forms of malware.
Modernising ERP systems can help organisations comply with GDPR
“Organisations need to look for modern ERP systems that are specifically designed with GDPR in mind."
APRA Prudential Standard CPS 234: How to communicate with the board
The Australian Prudential Regulation Authority’s standard, CPS 234, is aimed at minimising the threat of cyber attacks for APRA-regulated entities.
Cyber attacks develop complexity, target Windows sysad tools - report
The report explores changes in the threat landscape over the past year, uncovering trends and how they are expected to impact cybersecurity in 2019.