Stealing ten million dollars a few hundred dollars at a time used to be too labor-intensive to be a great business. Not anymore. The Internet and advances in semiconductor technology are revolutionizing theft and fraud. Thieves can now steal tens of millions of dollars at very high profit margins from low-value targets--at very low cost to themselves.
The recent indictment of a global hacker ring by federal prosecutors is a harbinger of cybercrime's future. The ring stole 160 million credit card numbers and sold the data for about $10 per USA card. The same group stole information on 800,000 bank accounts. More than $300 million was taken from three affected companies.
And now the news for cybercriminals is getting even better: a shadowy cybercrime underground is providing them with tools and services that will make them more efficient.
The productivity of low-level cyber-laborers can be staggering. No minimum wages here. The recent $45 million cyber-theft that targeted Bank of Muscat of Oman and National Bank of Ras Al Khaimah PSC (RAKBANK) of the United Arab Emirates spanned 27 countries. In ten hours, approximately $40 million was stolen in 36,000 transactions, or about $1,100 per transaction. The leaders of global crime ring that pulled off the heist have yet to be identified. Seven of the eight cyber-laborers who worked New York City have been apprehended. The eighth is believed to have died. The eight were able to steal $2.9 million in ten hours. The local gang kept around 20% or roughly $600,000. That comes out to about $7500 per hour per thief--more than one thousand times the city's minimum wage of $7.25 per hour. What a great alternative to flipping burgers.
One cybercrime's most important products is the botnet, short for robotic network, software programs that run on servers. The person in charge of the botnet is called a cracker. The goal of the botnet servers is to install malicious software on computers and turn them into zombie computers. Zombies take orders from the botnet servers. They may be commanded to send out spam, engage in denial of service attacks, or install software on other people's computers that enables them to track keystrokes. By tracking keystrokes, zombie computers can get access to user names and passwords linked to online bank accounts.
The computer in your home office may be one of these zombies--an active foot soldier in a cybercrime army.
The scale of these operations is difficult to comprehend. Microsoft recently broke up the Citadel Botnet Ring. The ring consisted of 1,500 botnet servers, the virtual equivalent of mafia consigliere that recruited and managed 1.2 million zombies. Microsoft claims Citadel Botnets were responsible for $500 million in thefts.
Large-scale, sophisticated botnet criminal rings have been quite expensive to set up. But now, criminal start-up entrepreneurs can do it on the cheap. They can buy software and services and get in business for as little as $595. They can even buy surplus zombies for pennies. Zombies under the control of the Zeus botnet were recently offered at $60 per thousand, or 6 cents per foot soldier. Payment in an anonymous Internet currency was required making it extremely difficult to identify the buyer or seller.
Service companies have sprung into existence to do the jobs computers can't. One of the techniques web sites use to thwart bots is captchas--the string of distorted letters users have to type in when setting up accounts on Internet sites. Because these distorted letters are difficult for machines to read, humans must do the job. Numerous sweatshops employing hundreds of workers have been set up in Asia, where low-wage workers decode captchas for less than a dollar per thousand. Some bots even contain interfaces that will automatically submit captchas to the sweatshops.
Shutting down a botnet ring is no easy task. One technique is to get court orders to disable botnet servers. When authorities in Panama and the Netherlands took down the Grum botnet that was primarily employed in sending out pharmaceutical spam emails from their countries, the cybercriminals brought up servers in the Ukraine, a safe haven for cybercriminals, to carry on their work. Another technique is to use "sinkhole" servers that can block botnets from getting access to the website they are trying to attack. Sinkholes can be used to discover zombie computers and notify their owners to disinfect them or take the infected computers offline.