It’s cyber security month, and if you weren’t following that and the news that cyber security organizations are being attacked at an extremely high rate this month, well another alarming cyber crime report become public today. Following yesterday’s “Cost of CyberCrime” report from the Ponemon Institute and HP, Group-IB released its own annual report this time it illustrates how the Russian Cybercrime industry has reached $1.9 Billion dollars. The research in this report known as “Market of high-tech crimes:” status and trends of 2013” was released through the news agency RIA Novosti. Group-IB is a global Cyber Security company based out of Moscow, Russia – founded in 2003, and it operates the largest forensic laboratory in Europe. The group is notable for a number of security discoveries including zero-day vulnerabilities, botnet activities, and anything that touches on cyber crime.
The report is the result of this effort conducted by the group to investigate and monitor cyber crime within Russia. The evidence indicates what many have feared – that there is a vibrant, growing cyber criminal market and international efforts to dissuade this market has had little to no effects. The criminal entities engage in a number of methodologies including botnets, custom software, zero-day malware, phishing attacks, and more. The attacks are leveraged at corporations, private citizens, banks and other financial institutions, just to name a few. Now in reading the report, it is clear that some efforts have been made to curb some of this crime but it continues to grow as the challenges are great.
In addition to all the technical challenges and the lengthy investigative procedures required to curb this type of illicit activities, there are a countless number of inconsistencies and ambiguities that affect these efforts. This is because the crimes are often launched internationally, and unclear jurisdictions, powers to investigate, definition of financial burden, and inconsistent laws across borders get in the way. The report emphasizes in particular a number of financial attacks within Russia itself and gives a forecast of continued growth in the field of fraud and cyber criminal activity. It also goes into some of the techniques that are being launched in financial fraud efforts around the world against banks, internet trading systems, POS terminals, mobile device attacks, and more. There is a considerable section within the report that illustrates some of the advanced cyber crime gangs that have been taken down within the country with the involvement of Group-IB.
Investigations carried out by Group-IB in the past few years accumulated a significant amount of documentary materials on the activities of criminal groups in Russia. In the 2012, several operations aimed at suppressing the activities of cybercriminals were planned and successful executed. The operations were carried out in active collaboration with the Federal Security Service of the Russian Federation (FSB) and the Russian Ministry of Internal Affairs.
The group is increasingly involved in taking down botnets that are commonly found within these criminal operations, and they detail the dismantling of a number of these.
In all, while the report is largely focused on Russian cyber crime, it is a telling report that tells the tale of one information security group deep within that country’s continuing fight to control this cyber crime market there. The explosive numbers mentioned in the report about the volume of the market are certainly attention-getting, and it can be projected that a long fight is ahead in getting that element brought to justice and under control.