By the success of the criminal underground, one could easily conclude digital criminals have a distinct advantage over law enforcement agencies. As to why, one theory (PDF) suggests underground merchants (thanks to the internet) can conduct business throughout the world in relative anonymity.
“The technologies that society craves for its freedom, its expediency, and its social livelihood are the same technologies that enable the criminal syndicate to exploit vulnerabilities in the network and the human psyche,” write Calum Jeffray and Tobias Feakin (PDF) of the International Cyber Policy Centre. “And often from the relative anonymity of a residential basement in a town, you have barely heard of, let alone been to.”
Not all underground markets hide
Anonymity, surprisingly, does not appear to be much of a concern, at least in North America. According to Trend Micro’s Stephen Hilt and Kyle Wilhoit, underground denizens located in the US and Canada may be under ground, but they are not hiding.
To start, Hilt and Wilhoit, in their research paper North American Underground: The Glass Tank (PDF), acknowledge that the cybercriminal underground is open for business and business is booming. They go on to mention that, unlike other countries, “The North American underground does not rely on limiting access for sustainability. It does not close its doors to novices. On the contrary, it encourages cyber criminal activity.”
What’s more, “Many of the North American underground sites are easy to access, as they are often found on the Surface Web. This convenience lures more and more people to its various forums and marketplaces. Anyone armed with the right search query can enter.”
It’s this openness that interests Hilt and Wilhoit. They wonder about the ease of access. “This transparency creates a paradox,” write Hilt and Wilhoit. “The supposed freedom and liberty this underground provides may allow cyber crime to thrive, but it does so under the watchful gaze of law enforcement, ready to serve their cease-and-desist orders at any time.”
“This underground is a glass tank.”
The authors’ research indicates increased visibility means more customers, greater profit for the sellers, and speedier market growth. The rapid fluctuating nature of the transactions, they point out, causes all sorts of headaches for law enforcement agencies. “This underground is a glass tank, as much as it is transparent, it is also fragile,” mention Hilt and Wilhoit. “Although criminal transactions are done out in the open, they are very fickle. The life span of most underground sites is short. They could be up one day and gone the next.”
Types of transactions being conducted
The Trend Micro researchers report that drugs, the reason du jour for underground economies originally, still hold the number one spot, comprising 62% of underground business in North America (Figure A).
Image: Trend Micro
As to what else is available, Tom Kellermann, chief cybersecurity officer at Trend Micro, tells Secured Universe News, “It’s more of an Amazon [type] shopping mall for goods and services, a one-stop shop for anything nefarious.”
It is hard to argue with Kellermann’s “anything nefarious.”
“Perhaps more disturbing than drugs and weapons is the ubiquity that murder-for-hire services are enjoying in the North American underground,” write Hilt and Wilhoit. “Some murder-for-hire sites even itemized their service offerings.”
Hot cybercrime sales
To a more mundane subject, the report states that “crypting services” are by far the most sought after crimeware in North America. Crypting services, put simply, make malware undetectable by all standard anti-malware applications. As for being worried about anonymity, the web page in Figure B was ranked second in a search engine query.
Image courtesy of Trend Micro, Stephen Hilt, and Kyle Wilhoit
Tip of the hat
On a positive note, the Trend Micro paper mentions, “Law enforcement efforts in North America are generally stronger compared to other regions worldwide. The US and Canadian governments have always been committed to protecting their citizens from cyber crime by continuously beefing up their legislative and enforcement efforts.”
That said, Hilt and Wilhoit warn, “Despite major hits against cyber crime, we are still seeing a brazen and thriving underground economy in the region.”
It seems hiding in plain sight works.