Tuesday, April 6, 2010

Cyber criminals getting specialized, FBI says

From Federal Computer Week ...

At the FOSE 2010 conference the FBI's deputy assistant director of its Cyber Division, Steven Chabinsky, discussed the increasing specialization of skills in the cyber criminal marketplace. Chabinsky stated, “just like you have doctors who are specialists instead of general practitioners, we have cyber criminals who are specialists instead of general practitioners.”

According to Chabinsky the most common cyber criminal specialities are:

  • Coders or programmers who write malware and exploits
  • Distributors or vendors who trade and sell stolen data
  • Techies who maintain the needed information technology infrastructures
  • Hackers
  • Fraudsters who create social engineering schemes
  • Hosters
  • Money movers
  • Launderers of digital proceeds and
  • People, often without technical skills, who handle personnel issues


Marisa said...

I think that this specialization and evolution are in many ways indicative of just how widespread cyber criminal action is becoming. It mirrors that lesson we all learned in middle school history about human development: the more people there are and the more sophisticated they become, we have giant shift from one person doing everything in a rudimentary way to people developing a high level of skill in a specific niche.
The real question I have now concerns the effect of this spreading out/specializing.IT goes back to the discussion of trade-offs from last week: I assume that people are masters of their smaller trade, but does dividing a crime into several pieces handled by different people make it harder to detect, because each is only a part of the puzzle, or easier to detect because there are now more people involved and they need to communicate?

dana said...

I think that’s an interesting question, and I think knowing the answer to it would be a helpful starting point for figuring out the right strategies for tracking these people down and combating cyber crime. At the same time, I feel like it may be one of those questions that just doesn’t have a concrete answer.

The answer, I think, just depends on how good the cyber criminals are. If you have a bunch of smart, savvy cyber criminals organized into a specialized network, I would expect them to be exceedingly dangerous. They’re not only good at their little tasks, but presumably they’re smart enough to cover their tracks and protect the little pieces of the puzzle from being detected on their own, and if they are detected, from leading to the rest of the crime network. And presumably, if they’re smart, they’ll also set up their crime network so that the parts are easily replaceable and so that the workings of their cyber crime are flexible and can be easily adapted to fit new situations.

On the other hand, if you get dumb criminals in a network, it should be easier to find them because they’ll likely be sloppy about covering their paper trail, or cyber trail as it were. Unfortunately though, it’s the smart ones we should be most worried about, and seeing them become specialized and organized can’t be a good thing.

Deven said...

I agree with Dana; there isn't a right answer to the question of specialization making it harder or easier to detect cyber crime. Even if Chabinsky is correct in citing increasing skill specialization, I think it's important for us to remember what kind of skills are required for cyber attacks.
Even though I am not very tech-savvy, this class has helped me realized just how simple it is to launch a simple malware attack. Even if criminals specialize in hacking or social engineering schemes, I've realized how little training it actually takes to do cyber crime.

Of course, there are highly trained Chinese soldiers who carry out these attacks, but there are also Joe Hoyas out there using similar methodology to carry out smaller attacks.

I just read an interesting article that the some are lobbying for the United Nations to create an ambassador for cyber security relations among states. I think this would actually be helpful.

Also interesting is the Hatch-Gillibrand bill in the Senate this week to curtail financial help and trade programs with countries seen as havens for cybercriminals. We'll have to see how much cyber security continues to be priority for the US or if it even matters. Maybe we're already too late...and how can we have international agreement if we're dealing with non nation-states?

Christopher Newsome said...

As previous comments have pointed out, specialization is an evolutionary tendency and a natural part of human development. It is only natural that specialization to reach the optimum level: in this case, criminal profit. While this is a scary progression, the most worrisome development for me is criminal specialization on the Internet. The growing speed of communication will allow for cyber criminals to cooperate across nations. A highly specialized “ring” of criminals might hail from all across the globe, brought together by mere fiber optic wire. Also, these cyber criminals would just be specialized units for hire: not aligned with a specific cause or motivation. Thus, not only would the ring be capable, bringing the cyber criminals to justice would require multi-lateral international cooperation and agreement. Given the current state of international law on this subject, I find it very unlikely that this could ever happen.
To answer Marisa’s question: I would think it would be very difficult to detect communication between these specialized individuals or cells because of the large amount of indirect chatter. A cyber criminal might as the help of a specialized “coder” or “launderer” as a one time consult. Thus the communication between cells becomes more like a web diagram, rather than a hierarchical tree diagram. It would be easy to round up cyber criminals from the bottom up, but instead, this specialization requires catching each “piece of the puzzle” as it occurs.

Nick G said...

The world of technology opens up huge opportunities for criminals. As time goes on people become better at what they do as well as invent new strategies and items to make what they do easier. The AK 47 was not the first weapon ever created. We begin to find that special needs influence what we create.
Criminals are constantly finding new ways to become better at what they do. I believe that as criminals become more specialized the crimes that they commit will become more complexed and harder to fix. In the article they connect a specialized cyber criminals to that of a specialized doctor. That doctor is going to be better at that special procedure that a general practitioner. A cyber criminal is going to be better at a specific task when he or she has a lot of skill in it.