TRENDS RESEARCH & ADVISORY

Wednesday, October 5, 2016, 10:07 am
Sign up for Newsletter

image

image
Securing Cyberspace: The Emergence of Organised Cybercrime

Securing Cyberspace: The Emergence of Organised Cybercrime

October 5, 2016
Andrew Staniforth
Andrew Staniforth Non-Resident Fellow - Counter Terrorism & National Security

Online activities have now become central to the very way in which millions of people across the world live their lives. While the Internet has positively enriched societal communications and economic opportunities, these technological advancements have changed – and continue to change – the very nature of crime, serving to breed a new sophisticated and technically capable criminal.

The nature of some ‘traditional’ crime types have been transformed by the use of Information Communications Technology (ICT) in terms of their scale and reach, with threats and risks now extending to many aspects of social life. New forms of criminal activity have also been developed, targeting the integrity of computers and computer networks. Threats exist not just to individuals and businesses but to national security and critical infrastructures. Furthermore, the borderless nature of the phenomenon of cybercrime means that any citizen, community or country, can be targeted from any jurisdiction across the world.

 

New reality

The scale of contemporary cybercrime is significantly challenging the capacity and capability of even the most sophisticated Law Enforcement Agencies (LEAs). By its very nature, cybercrime has a far-reaching trans-national dimension which substantially increases the complexity beyond the detection of other crimes. It is a type of crime that has been embraced by criminals who are now working together in what is a new era of collaboration and coordination of organised cybercrime. According to Europol, there are an estimated 3,600 Organized Crime Groups (OCGs) active in the European Union (EU).  These groups are becoming increasingly networked in their organization and behaviour, characterized by a group leadership approach and flexible hierarchies. Through advances in international trade, an ever-expanding global transport infrastructure and the rise of the Internet, have served to engender a more international and inter-connected form of serious and organized crime which has never been seen before. As a direct result, there is an increased tendency for OCGs to cooperate with or incorporate into their membership a greater variety of nationalities. The majority of these cybercriminals will never physically meet, and only communicate to progress their activities in the virtual world of cyberspace. This phenomenon has seen an increase in the number of heterogeneous groups that are no longer defined by nationality, ethnicity, or criminal bonds or kinship. Contemporary criminals act undeterred by geographic boundaries and can no longer be easily associated with specific regions or physical centres of operation.[i] These developments, as part of the relentless rise of organised cybercrime, has caught many LEAs off-guard who remain behind the pace of change from the dynamic and evolving threat.

 

Changing landscape

The cybercrime threat landscape is subject to constant change, development and diversification.  As an example, cyber criminals are now streamlining and upgrading their current techniques, while companies and governments struggle to prevent and detect their old tactics. Cyber attackers continue to breach computer networks with highly targeted spear-phishing attacks which are increasing in volume.   At the same time, as the development of mobile communications provides a larger attack surface, and organised cybercriminals are increasing their volume of mobile malware and rogue mobile applications as half of the world’s adult population now own a smartphone. The technological advancements of the smartphone have made it the go-to device over the computer, and the one to which people are always connected. Cybercriminals are increasingly looking to exploit this change in user device preference by switching an expanding proportion of their attacks to mobiles. As a result, more standalone attacks on mobile devices are expected in the future which presents a real and present menace to the individual smartphone user. In addition, future attacks on online payment systems are also expected to rise as their popularity and use grows. An increase in large-scale retail and banking breaches is also anticipated, as cybercriminals seek more efficient and profitable types of attack.  In summary, organised cybercrime threats continue to grow more targeted and more advanced, raising acute concerns for cyber security practitioners.

 

Criminology perspectives

Many police officers and security policy makers may regard the threats from cybercrime as something relatively new but its origins can be traced back decades. In 1970, over the course of three years, the Chief Teller at the Park Avenue branch of New York’s Union Dime Savings bank manipulated the account information on the bank’s computer system to embezzle over $1.5million from hundreds of customer accounts. Cited as one of the very first crimes associated with the misuse of computers, the cunning of the Chief Teller provides evidence of how technological developments have been exploited for criminal gain. From the first introduction of computers in the work place to today’s ever-expanding cyberspace, new opportunities have been created for criminals to commit crimes through a set of unique features, features that are described as the ‘transformative keys of cybercrime’ which includes:

  • Globalisation – providing opportunities to exceed conventional boundaries;
  • Distributed networks – generating new opportunities for victimisation;
  • Data trails – creating new opportunities to commit identity theft.[ii]

The transformative keys of cybercrime have served to challenge traditional criminological perspectives which have defined crime by social, cultural and material characteristics, and have viewed crimes as taking place at a specific geographic location.  Such perspectives of crime have allowed for the characterisation of crime, and the subsequent tailoring of crime prevention, mapping and measurement methods to the specific target audience. However, this characterisation cannot be carried over to cybercrime, because the environment in which cybercrime is committed cannot be pinpointed to a geographic location, or to a distinctive social, ethnic or cultural group which adds further complexity to understanding cybercrime and the threat it poses to neighbourhood safety and national security.

 

Meeting the challenge

While police officers, policy makers and academics tackle the phenomenon of cybercrime in their respective domains of expertise, the economic impact of cyber-attacks across public and private sectors continues to increase at an alarming rate. Of great concern to governments across the world is the realisation that the rapid digitalisation of consumers’ lives will increase the cost of data breaches to an estimated $2.1 trillion globally by 2019. The financial impact of cybercrime is therefore an international threat to economic stability, security and well-being.  To meet this challenge, all in authority would be wise to treat cyberspace for what it is; a separate socio-spatial dimension in which people choose not only to communicate, but also to dwell, trade, socialise and cultivate; to create intellectual property, generate economic wealth, to begin and end relationships; to forage, feud and thrive, to heal, harm and steal.[iii] Viewed in this way cyberspace is another continent, vast, viable and virtual, a distinct jurisdiction requiring its own constitution and legal system with its own LEAs and agents. To police this new cyber continent effectively and protect all online citizens and communities requires a dedicated, determined and strategic response.  Most importantly, it requires an unprecedented level of cooperation, coordination and collaboration between LEA’s and the private sector across the world if we are ever going to stem the flow of organised cybercrime and keep citizens, consumers, companies and countries safe in cyberspace.

 

 

 

 

[i] Brown, S D. (2008) Combatting International Crime: The Longer Arm of the Law. Oxon: Routledge-Cavendish.

[ii] Wall, D S. (2007). Cybercrime: The Transformation of Crime in the Information Age. Cambridge: Polity Press.

[iii] Sampson, F (2014) Chapter 14 Cyberspace: The new frontier for policing? Cyber Crime and Cyber Terrorism Investigator’s Handbook. London: Elsevier.

Related Posts


  • Concealing Cybercrimes: The Art of Anti-Forensics
    Asia & the Pacific

    Concealing Cybercrimes: The Art of Anti-Forensics

    Two years ago at a Security Summit in New York City attended by Chief Information Security Officers, Ginni Rometty, the IBM Corporation’s Chairman, President and Chief Executive Officer, delivered a stark warning about the threat from cybercrime stating: “We believe that data is the phenomenon of our time. It...


  • Securing the State: Structures to Counter Contemporary Terrorism
    Asia & the Pacific

    Securing the State: Structures to Counter Contemporary Terrorism

    Despite developing ever increasingly sophisticated responses to counter-terrorism, successful terrorist attacks continue to occur with alarming regularity; which includes the sudden surge of terrorist attacks across Europe. On the afternoon of 17 August, 22-year-old Younes Abouyaaqoub drove a van into pedestrians on La Rambla in Barcelona, Spain, killing 15...


  • Cyber-terror tactics: Hacking autonomous vehicles
    Asia & the Pacific

    Cyber-terror tactics: Hacking autonomous vehicles

    Cities across Europe remain under siege from recent terrorist events fuelled by the extremist ideology espoused by Daesh. The UK has witnessed four terror attacks in as many months, three of them occurring in London, including incidents outside the Finsbury Park Mosque, on Westminster Bridge and London Bridge. The...