Interpol: Organized Crime Behind Cyber Attacks

By | May 11, 2012

The head of Interpol, the international police agency, said that organized criminal gangs are behind most cyber-crime attacks. Cyber-crime is also increasingly international in structure. The message for midsize firms and their IT managers: You are a prime target.

Unlike politically motivated "hactivists," organized-crime hackers are not seeking publicity. They aren't in it to send a message or even for self-glorification. They're just in it for the money. Midsize firms are large enough to be tempting targets. But most do not have extensive cybersecurity organizations or policies. And they are not so big that attacks draw unwanted public attention.

Bigger Than Drugs

Khoo Boon Hui, president of Interpol, recently addressed the agency's European Regional Conference in Tel Aviv, Israel, As reported by AFP's Steve Weizman via Yahoo News, Hui said that most cyber crime is conducted by organized international gangs. And their take makes cyber crime more costly than global cocaine, heroin, and marijuana trafficking combined.

Hui estimated that 80 percent of online crime is "connected to organised gangs operating across borders." For organized criminal groups, cyber crime offers multiple advantages. It is more lucrative and less risky than traditional rackets. And the global character of the Internet makes cyber crime much easier to organize on an international basis.

Another report on the same conference, by AP's Daniella Cheslow, also at Yahoo News, noted that the Internet allows a sort of cloud crime: cyber criminals can operate from countries with weak law enforcement, yet take advantage of the latest technology.

As part of its response to the growing challenge, Interpol plans to open a cyber-crime and digital security complex in Singapore in 2014.

Protecting Against Organized Cyber Crime

Along with illegal gambling, credit card and bank fraud were cited as activities favored by organized cyber-crime groups.

Most consumer-facing midsize firms have credit card operations, and their credit card data is a prime target. But other potential risks can hardly be ignored. Technical specifications or product information can be stolen and peddled on the black market. Memoranda, emails, or other internal communications may be used to blackmail the firm or individual executives.

Organized cyber criminals prefer to keep a low profile and avoid drawing the attention of international law enforcement. This makes midsize firms an attractive class of targets--large enough to offer a substantial haul, but not so large that attacking them makes news.

The good news for IT managers at these midsize firms is that in spite of the scale and scope of organized cyber crime, most actual attacks are relatively simple, exploiting security holes that could have been plugged. Cyber criminals are looking for the easy heist. Thus, good basic security measures will greatly reduce midsize firms' vulnerabilities to organized online crime.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.

<hr class="header"/>

IBM Solution Security & Resiliency

IBM IT security expertise can help medium-sized businesses develop, implement and maintain comprehensive strategies to combat ever-evolving security threats without increasing complexity, cost, or resources required for administration.

Learn More »

More on This Topic

Three Security Concerns for 2016

By Allan Pratt on Dec 4, 2015
As we near the end of 2015, what will 2016 look like in the information security sector? Undoubtedly there be an increase in data breaches across all industries, but will businesses take the high road and inform their customers and ...