The Digital Mafia

You've got mail – and it's from the mob!

Page 3 of 4

Organized crime's recruitment of these and other Internet-technology-savvy people around the globe to target your inbox in an organized fashion is what is causing the international spike in spam and Internet scams, according to McAfee's 2006 annual Virtual Criminology report.

"Cybercriminals need not only IT specialists -- they need people that can launder money, people that can specialize in ID theft, someone to steal the credit numbers, then hand it off to someone who makes fake cards," says FBI Cyber Division Section Chief Dave Thomas in McAfee's report. "This is certainly not traditional organized crime where the criminals meet in smoky back rooms. Many of these cybercriminals have never even met face to face, but have met online. People are openly recruited on bulletin boards and in online forums where the veil of anonymity makes them fearless to post information."

Although organized criminals may have less of the expertise and access needed to commit cybercrime, they have the funds to buy people with the skills to do it for them, the report says.

The competition for these computer-savvy minds has become so intense among organized crime gangs that they are using KGB-style tactics to recruit them, including approaching them on campus or at technology conferences and even paying for their schooling, according to the report and the FBI sources quoted in it.

For international criminal gangs, experts say, the lure of easy money online combined with the lack of risk is making cybercrime as attractive as, if not more attractive than, drug-running.

Without a botnet, access to millions of e-mail addresses or help laundering money, Sharma was making $20,000 a day. With those things in place, the possibilities are limitless.

According to Trend Micro's 2006 threat report, organized crime operating on the Internet was the key force behind identity theft, corporate espionage and extortion in 2006. How do they know?

In the new world of Internet crime, the main cops aren't who they used to be and they are not affiliated with the government, at least not directly. McAfee, Trend Micro, Postini and a host of other Internet and spam "protection" companies make their money keeping the Internet usable for millions of people. While they often collaborate with law enforcement to catch the bad guys, mostly these companies block spammers' work by going head to head with them on a daily basis.

Postini fights this war with giant server farms that connect to the Internet from 12 data centers around the world. As Druker explains it, Postini and services like it "sit out on the Internet between your e-mail and the rest of the Internet." All of the e-mail, instant messaging and Web traffic for Postini's 36,000 corporate customers and 10 million users passes through its systems.

"We can tell when there is a computer on the Internet that is sending out a lot of bad stuff all at once, that is exhibiting behavior of a bad guy," says Druker. "By looking in real time and understanding who the bad guys are, where infected computers are, we can block about 60 percent of it without really having to do any work. When we see that happening we will block that same bad guy for all 36,000 customers. It's kind of neat. The bigger we get, the more of the Internet we see and the better our protection is because we are seeing more and more of it faster."

The other 40 percent is trickier. Postini and other companies use computer programs with thousands of rules to decide whether to let other e-mail through. Finally, when spam does get through, employees working around the clock analyze it to figure out why and constantly update the rules to keep it from happening again.

E-mail filtering programs such as McAfee's Spamkiller can help weed out some of the junk e-mail people receive. - NEWSCOM

"It's an arms race," says Spitzner. And it is one that has increasingly heated up this year as the combined efforts of organized crime have led to repeated attempts to crash through their walls.

The attacks, Druker says, do follow a predictable pattern. Take the Happy New Year e-mails that went out earlier this month, in the process breaking all records for spam in the December and January months. A virus like that is usually the thunder before the storm, or the first wave of an attack, Druker says, because the virus is infecting computers and being used to build and increase the size of botnets for an inevitable second wave in which a massive spam scheme of some kind is sent over the new channels to the widest possible audience.

Ironically, new schemes that have come to light this fall and winter have led some experts to speculate that volumes may decrease -- and that's not a good thing. That's because cybercriminal families are beginning to show the ability to target specific users who may be more vulnerable to their ads.
