"Cybercrime as a service" and the globalization of attacks are two of the trends noted by cyber-intelligence firm Group-IB in its third annual High-Tech Crime Report. Now, security firms and law enforcement agencies throughout the world are focused on capturing the leaders behind the organized crime groups believed to be pushing these trends, says Alexander Tushkanov, who leads content protection for Moscow-based Group IB.
"Cybercriminals are taking advantage of the globalization of cybercrime and are going places where the law is not that strong," Tushkanov says during this interview with Information Security Media Group. Cybercriminals are waging attacks against the global economy from countries where law enforcement often turns a blind eye to the establishment of websites that are designed to spread or sell malware, he says.
This is why cross-border collaboration among law enforcement is becoming increasingly critical, he adds. It's also why businesses and governments must keep an eye on how criminals are exploiting new technologies, such as the virtual currency Bitcoin, to sell information and services in the underground economy.
"Bitcoin is an example of a new technology that can be used to process payments or store money," Tushkanov says. "In the report, we say that this trend is probably growing."
"Cybercrime as a service," or the so-called commercialization of malware and other crime tools, has allowed cybercriminals to develop exploits that can be sold or contracted for use on the black market.
In the U.S., where retail network attacks that compromise point-of-sale data have become common, law enforcement should focus on how cybercriminals market their services in carding forums and other underground networks, Tushkanov says.
But he contends that retailers and financial services organizations throughout the world are just as vulnerable as those in the United States. That's because organized crime rings are making malware readily available throughout the world.
Organized crime rings also have made it easy for criminals to buy and sell information, such as stolen credit card data and other illicit goods, in underground forums. And it's proving challenging for law enforcement to shut these sites down, Tushkanov says.
During this interview, Tushkanov also discusses:
- Why attributing cyber-attacks to one particular group is challenging;
- How attackers are compromising mobile platforms to commit fraud; and
- What next steps cyber-intelligence firms such as Group-IB are expected to take as they work to track down the cybercrime rings responsible for recent attacks.
Tushkanov is an expert in the field of anti-piracy who has more than five years of experience in managing content protection, which is his focus at Group-IB. As head of the company's anti-piracy department, Tushkanov leads a team that is focused on automating monitoring, removing illegal content and completing various research initiatives.