Five years is a very long time in cybercrime. In this period, we have witnessed the maturity of the digital underground economy, the emergence of hacktivism and the rise of botnets.
When we talk about the digital underground economy, what we mean is a collection of self-sufficient global networks that operate mostly in closed Internet forums and facilitate an array of cybercrimes including banking attacks, payment card frauds, identity theft and other online intrusions. Stolen personal and financial data is retailed on these forums.
The sophistication of this criminal business model is such that members of these networks are able to focus on specific tasks including producing malicious code or delivery mechanisms for attacks. There are even specialists who are dedicated to the generation of payment card authentication numbers and the recruitment of money mules, individuals who turn the proceeds of cybercrime into hard cash--sometimes without knowing that they are engaging in criminal activity.
Cybercriminal businesses are constantly innovating. As well as making extensive use of social media to distribute scams and links to malicious software, they scan the environment to identify new software vulnerabilities, new environments popular with Internet users and new attack vectors. Among the more ingenious forms of scam in recent years is police ransomware. This malicious software locks the user's computer until a fine is paid to an online bank account. The insignia and branding of legitimate law enforcement agencies are reproduced to convince the user that they are dealing with the real police in their home country, an impression reinforced by the translation of the notification into the appropriate language. The user is informed that they have engaged in criminal activity online, for instance downloading of child abusive material or pirated audiovisual files.
By playing on the fear and guilt of the victims, this kind of cybercrime has proven to be highly lucrative. The law enforcement community, supported by the European Cybercrime Centre (EC3) at Europol and Interpol, is making tangible progress against the criminal groups engaged in ransomware distribution. In February 2013, Operation Ransom, led by the Spanish police, resulted in 11 arrests for the production, development and distribution of this type of malware, and the arrest of another 10 individuals involved in the financial side of the...