Gangs and vigilantes - the New Mafia of cybersecurity

This is a contributed article from Marcin Kleczynski, CEO and founder at Malwarebytes

Without question, cybercriminals are the New Mafia of today’s world. In the last decade alone, cybercrime has evolved from computer viruses that commandeered a small number of PCs to sprawling security breaches and state-sponsored cyberattacks.

The sophistication behind these criminal activities is evolving rapidly. However, the organizations behind the attacks are adopting age-old tactics to achieve their aims: fear, confusion, intimidation and a collective feeling of helplessness. Techniques more commonly employed by criminal gangs to control entire neighbourhoods and cities.

In this fight against the New Mafia, it seems they are currently winning with a reported 2,000% increase in ransomware detections and the cost of cybercrime amounting to $11.7 million. However, we have beaten them before, here’s how we do it again.

The emerging gangs

In order to beat these criminals, it’s important to understand them and how they operate. There are now four distinct syndicates that can be characterized by their similarities to traditional crime families. Collectively, they form a diverse and dangerous set of online operators with motivations as different as their backgrounds. These are:

  1. Traditional gangs – This group has taken the motivations and acts of traditional organized gangs: theft and the sale of drugs, guns and stolen goods to the online world. It’s comprised of hackers and pre-existing groups that have been able to co-opt those with the skills to help maintain their position, despite the disruption brought by the internet.
  2. State-sponsored attackers – There has been a dramatic rise in attacks by state-sponsored hackers with the aim of stealing information and disrupting political activity. The supposed Russian interference in the US election and widespread hacks from North Korea are recent examples. Their activity is subtler than others – yet can have similarly detrimental impact. These hackers are interested in corporate theft and sabotage, suggesting a blurring of the distinction between cybercrime and cyberwarfare.
  3. Ideological hackers – Renowned for gathering and leaking classified information about governments and high-profile organizations that can destroy reputations on the basis of moral and ethical duty. Often, they attempt to use the threat of classified leaks to coerce their victim to act in their favour.
  4. Hackers-for-hire – A big development in cybercrime is the growth of a highly-professionalized economy for hackers’ services. These individuals are akin to paid guns-for-hire, operating with an emphasis on 24/7 customer service – in some instances – and reliability. The important change here is the removal of technical knowledge as a barrier to cybercrime. The appropriate skills no longer have to be learned, instead, budding criminals can outsource the technical execution of their schemes.


The impact on businesses

Similar to the mobsters who dominated major cities in the 1930s, today’s gangs are muscling their way in to make demands and control computers and personal information in order to threaten their victims. Businesses however, are hugely underestimating their vulnerabilities. The many ways in which cybercrime is able to target a business can cause delays in identifying a breach, leading to confusion around the size and scope of threats.

For example, 74% of those surveyed by PwC reported that they either had not been or did not know whether they had been victims of cybercrime. In contrast, Malwarebytes research found that the proportion of businesses who state they have experienced no cybercrime is much smaller, between 21% and 35%. This indicates a potentially dangerous gap in understanding the threat. Not only will this lead to reputational damage, financial loss and legal costs but also to an underreporting of these kinds of crimes.


Getting honest about vulnerabilities

Due to cybercrime’s infancy – in comparison to traditional forms of crime – there is still some reservation among legislators to recognize its financial and emotional toll. This often makes cybercrime more difficult to prosecute, further adding to victims’ feelings of helplessness.

The different perception of the types of cybercrime and the lasting effects it can have, has a significant impact on the way victims are treated. For instance, public shaming of victims is unproductive in the battle of prevention and protection. It also further encourages the reaction of paying for the silence of the perpetrators.

We know nobody is immune to cyberattacks. So, we must change how we deal with victims and treat it as a learning experience rather than a scolding. An honest and empathic environment, without fear of embarrassment or reprisal, will help encourage the flow of information and will prove invaluable in recognizing vulnerabilities and aid the efforts of law enforcement.


Instilling a ‘no fear’ attitude

From Eliot Ness and the Untouchables taking on Al Capone, to the Italian prosecutors courageously going after the Sicilian Mafia in the early 90s, throughout history, there have been bands of individuals working with law enforcement to bring down criminals. Today, businesses have the power to be the vigilantes in this fight. Collective experiences, knowledge and insights will shed a light on the nefarious activity being carried out by elusive gangs.

It is true that most law enforcement agencies and regulatory bodies have deployed specialist teams devoted solely to cybercrime. But, the fragmented, global nature of technology and networks makes it difficult to identify and foil these unlawful activities. Individuals and businesses alike now have the opportunity to help the international effort against cybercrime groups by curating an environment that communicates the risks and threats that have affected them. Doing so will enable all participants in the fight against cybercrime better identify and repel threats.

Awareness and intelligence will become our best weapons against the New Mafia. Dialogue will normalize and demystify the evolving threats and motivations of the perpetrators. Without accepting and sharing our experiences, these groups will continue to operate in the shadows.

Rather than sit back and simply try to minimize the damage of cybercrime, both individuals and organizations have the opportunity to take the same actions that previous generations of vigilantes did against the feared syndicates of their day: fight back.


« What you need to do to ensure IoT data is collected effectively


News Roundup: Apple Source code leaked because one employee's friends asked for it »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?