The Cybercrime Ecosystem by Eugene Kaspersky - Founder/CEO Kaspersky Lab

Cybercrime As a Business

Contemporary cybercrime is like any other business. It behaves according to traditional business principles such as profitability, ease of use, risk management, and emerging markets.

Cybercrime Is Profitable

The most important criterion for any business is profitability, and cybercrime is no exception. As a matter of fact, cybercrime is extremely profitable. Large sums have been stolen successfully in one-shot deals, as well as by acquiring small sums in large quantities. For example, in 2007 alone there was an average of one cybercrime reported per month.

  • January 2007 - Russian hackers, with the aid of Swedish middle-men, steal 800,000 euros from Swedish bank Nordea.
  • February 2007 - Brazilian police arrest 41 hackers for using a Trojan to steal bank account details used to make 4.74 million dollars.
  • February 2007 - Seventeen members of Internet fraud gang arrested in Turkey for stealing up to 500,000 dollars.
  • February 2007 - Li Jun arrested for the "Panda burning Incense" virus used to steal gaming and instant messaging (IM) account names; believed to have made around 13,000 dollars by selling the malware.
  • March 2007 - Five eastern Europeans imprisoned in the UK for credit card fraud; they stole an estimated 1.7 million pounds.
  • June 2007 - 150 cybercriminals arrested in Italy; alleged to have bombarded Italian users with fake emails to generate around 1.25 million euros in ill-gotten gains.
  • July 2007 - Russian cyber thieves allegedly used a Trojan to steal 500,000 dollars from Turkish banks.
  • August 2007 - Ukrainian Maxim Yastremsky [aka "Maksik"] detained in Turkey for allegedly making tens of millions of dollars from ID theft.
  • September 2007 - Gregory Kopiloff charged in the U.S. for allegedly using P2P file-sharing software Limewire and Soulseek to gather information used in ID fraud; allegedly made thousands of dollars in purchases using stolen data.
  • October 2007 - Greg King arrested in the U.S. for participation in the February 2007 DDoS attack on Castle Cops; faces a maximum sentence of 10 years in prison and 250,000 dollars in fines.
  • November 2007 - The FBI arrests eight individuals in the second phase of its anti-botnet initiative dubbed "Operation Bot Roast", which has allegedly so far uncovered more than 20 million dollars in economic losses and more than one million victim computers.
  • December 2007 - Cybercriminals broke into computers at the U.S. Department of Energy's Oak Ridge National Laboratory (ORNL); reportedly also targeted Los Alamos National Laboratory and Lawrence Livermore National Laboratory. Over 12,000 Social Security numbers and birth dates of ORNL visitors between 1999 and 2004 were stolen. This breach is a national security issue and leaves the individual victims vulnerable to identity theft and financial fraud.

These examples are merely the tip of the iceberg. The victims and/or law enforcement agencies cleared these examples for public discussion. Most cybercrimes are either investigated in-house by the affected organizations or by law enforcement agencies conducting undercover investigations. The results are almost never made public. Figure 1, from a recent report by the Computer Security Institute, shows the reasons that organizations choose not to report such incidents.

<< Previous  Next part >>

©2008, Kaspersky Lab, Inc. All rights reserved.

To Top

"The most important criterion for any business is profitability, and cybercrime is no exception."






















"Most cybercrimes are either investigated in-house by the affected organizations or by law enforcement agencies conducting undercover investigations. The results are almost never made public."