Cybercriminals operating out of Russia have managed to accrue around $790 million by defrauding businesses and individuals in the US and Western Europe.
According to a white paper by Kaspersky Labs (link below), Russian cybercriminals have stolen over $790 million in the last three years. And that’s just reported losses. The actual figure could be much higher.
Since 2012, law enforcement agencies in Europe and the US have arrested 160 ethnic or Russian-speaking hackers. Of the $790m in reported losses, $509m was from companies outside the former USSR.
Kaspersky says over 95% of cyber theft is based on malware.
If you thought hacking involved opportunist programmers working alone, think again. According to the IT Pro website (link below), the Russian cybercrime industry has taken on 1000 employees in the last three years to keep pace with demand.
Russia, and countries like Ukraine, are a rich source of hacking talent. The countries have an excellent education system, capable of producing world-class programmers, but limited career opportunities. It’s a perfect storm for creating a highly skilled cyber crime industry.
Kaspersky: Products and services offered by Russian cybercriminals.
The white paper from Kaspersky lists some of the products and services offered by the Russian cyber theft industry. It’s a complete solution for groups who decide to target any organization, anywhere in the world.
The “products” include:
• Software designed to gain unauthorized access to a computer or a mobile device, in order to steal data from an infected device or money from a victim’s account (the Trojans);
• Software designed to take advantage of vulnerabilities in the software installed on a victim’s computer (exploits);
• Databases of stolen credit card data and other valuable information;
• Internet traffic (a certain number of visits to a customer-selected site by users with a specific profile).
The “services” include:
• Spam distribution;
• Organization of DDoS attacks (overloading sites with requests in order to make them unavailable to legitimate users);
• Testing malware for antivirus detection;
• “Packing” of malware (changing malicious software with the help of special software (packers) so that it is not detected by antivirus software);
• Renting out exploit packs;
• Renting out dedicated servers;
• VPN (providing anonymous access to web resources, protection of the data
• Renting out abuse-resistant hosting (hosting that does not respond to complaints about malicious content, and therefore does not disable the server);
• Renting out botnets;
• Evaluation of the stolen credit card data;
• Services to validate the data (fake calls, fake document scans);
• Promotion of malicious and advertising sites in search results (Black SEO);
• Mediation of transactions for the acquisition of “products” and “services”;
• Withdrawal of money and cashing.
Background Network Vulnerability Checks with Elastic Detector.
Staying one step ahead of sophisticated cybercriminals isn’t easy. That’s why many companies are turning to Elastic Detector as an automated way to check their networks for vulnerabilities every day. We add an average of 20 new vulnerabilities daily to our threat list, which minimizes the window of opportunity for hackers.
Highlights of our Elastic Detector program are:
– It works on clones of servers, so network performance is not degraded.
– The list of security threats is updated on a daily basis, with prioritized reporting.
– SecludIT provides remediation sheets and fix tips, so even non-security specialists can implement fixes.
Kaspersky: Russian Financial Cybercrime white paper.
IT Pro: Russian Cyber Criminals Steal $790 Million.