FC: Organized crime groups going online, report says -- beware!

From: Declan McCullagh (declanat_private)
Date: Tue Aug 14 2001 - 08:30:46 PDT

  • Next message: Declan McCullagh: "FC: Pro-choice groups try to close abortioncams.com, citing privacy"

    Excerpts:
    
    >Indeed, it is possible that some jurisdictions will
    >increasingly seek to exploit a permissive attitude to attract
    >business, creating information safe havens (paralleling offshore tax
    >havens and bank secrecy jurisdictions) that make it difficult for law
    >enforcement to follow information trails, and offering insulated
    >cyber-business operations from which illicit businesses can operate
    >with a minimum of interference.
    
    >In addition, of course, organized crime groups use the Internet for
    >communications (usually encrypted) and for any other purposes when
    >they see it as useful and profitable. Indeed, organized crime is
    >proving as flexible and adaptable in its exploitation of
    >cyberopportunities as it is in any other opportunities for illegal
    >activity. The implications are far-reaching and require a response
    >from government that is strategic, multi-level, multilateral, and
    >transnational in nature.
    
    >The Council of Europe Convention on Cybercrime,
    >largely supported by the United States, is the first major step in
    >this direction and can be understood as the beginning of the process
    >of setting norms and standards that national governments ultimately
    >will be expected to meet in their legislative, regulatory, and
    >enforcement efforts.
    
    Background on Council of Europe treaty:
    http://www.politechbot.com/p-02173.html
    
    -Declan
    
    **********
    
    Date: Tue, 14 Aug 2001 10:01:41 -0400
    From: " Scullyat_private" <Scullyat_private>
    To: <declanat_private>
    Subject: Organized Crime and Cybercrime: Synergies, Trends, and Responses
    
    http://usinfo.state.gov/cgi-bin/washfile/display.pl?p=/products/washfile/latest&f=01081304.glt&t=/products/washfile/newsitem.shtml
    
    Byliner: Internet Is Likely New Target of Crime, Expert Warns
    (Criminal Organizations find new opportunities in cyberspace) (2850)
    
    (The following originally appeared in the Global Issues Aug. 8
    Electronic Journal "Arresting Transnational Crime.")
    
    Organized Crime and Cybercrime: Synergies, Trends, and Responses
    By Phil Williams
    
    (Professor of International Security Studies, University of Pittsburgh
    and
    2001-2002 Visiting Scientist at CERT/CC, a center of Internet security
    expertise at Carnegie Mellon University. Williams is also the editor
    of the journal "Transnational Organized Crime" at
    http://www.pitt.edu/~rcss/toc.html)
    
    The capabilities and opportunities provided by the Internet have
    transformed many legitimate business activities, augmenting the speed,
    ease, and range with which transactions can be conducted while also
    lowering many of the costs. Criminals have also discovered that the
    Internet can provide new opportunities and multiplier benefits for
    illicit business. The dark side of the Internet involves not only
    fraud and theft, pervasive pornography, and pedophile rings, but also
    drug trafficking and criminal organizations that are more intent upon
    exploitation than the disruption that is the focus of the hacking
    community.
    
    In the virtual world, as in the real world, most criminal activities
    are initiated by individuals or small groups and can best be
    understood as "disorganized crime." Yet there is growing evidence that
    organized crime groups are exploiting the new opportunities offered by
    the Internet. Organized crime and cybercrime will never be synonymous.
    Most organized crime will continue to operate in the real world rather
    than the cyberworld and most cybercrime will be perpetrated by
    individuals rather than criminal organizations per se. Nevertheless,
    the degree of overlap between the two phenomena is likely to increase
    considerably in the next few years.
    
    Organized Crime and Cybercrime
    
    Organized crime is primarily about the pursuit of profit and can be
    understood in Clausewitzian (1) terms as a continuation of business by
    criminal means. Consequently, just as brick-and-mortar companies move
    their enterprises on to the Worldwide Web seeking new opportunities
    for profits, criminal enterprises are doing the same thing. Criminal
    organizations are not the only players in illicit markets, but they
    are often the most important, not least because of the added
    "competitiveness" that is provided by the threat of organized
    violence. Moreover, criminal organizations tend to be exceptionally
    good at identifying and seizing opportunities for new illegal
    enterprises and activities. In this context, the Internet and the
    continuing growth of electronic commerce offer enormous new prospects
    for illicit profits.
    
    In recent years, there has been a significant increase in the
    sophistication of organized crime and drug trafficking groups.
    Colombian drug trafficking organizations, for example, have followed
    standard business practices for market and product diversification,
    exploiting new markets in Western Europe and the former Soviet Union.
    Criminal organizations and drug traffickers have increasingly hired
    financial specialists to conduct their money laundering transactions.
    This adds an extra layer of insulation while utilizing legal and
    financial experts knowledgeable about financial transactions and the
    availability of safe havens in offshore financial jurisdictions.
    Similarly, organized crime does not need to develop technical
    expertise about the Internet. It can hire those in the hacking
    community who do have the expertise, ensuring through a mixture of
    rewards and threats that they carry out their assigned tasks
    effectively and efficiently.
    
    Organized crime groups typically have a home base in weak states that
    provide safe havens from which they conduct their transnational
    operations. In effect, this provides an added degree of protection
    against law enforcement and allows them to operate with minimal risk.
    The inherently transnational nature of the Internet fits perfectly
    into this model of activity and the effort to maximize profits within
    an acceptable degree of risk. In the virtual world, there are no
    borders, a characteristic that makes it very attractive for criminal
    activity. When authorities attempt to police this virtual world,
    however, borders and national jurisdictions loom large -- making
    extensive investigation slow and tedious, at best, and impossible, at
    worst.
    
    The Internet itself provides opportunities for various kinds of theft,
    whether from online banks or of intellectual property. But it also
    offers new means of committing old crimes such as fraud, and offers
    new vulnerabilities relating to communications and data that provide
    attractive targets for extortion, a crime that has always been a
    staple of mafia organizations.
    
    The anonymity of the Internet also makes it an ideal channel and
    instrument for many organized crime activities. The notion of a
    criminal underworld connotes a murkiness or lack of transparency.
    Secrecy is usually a key part of organized crime strategy and the
    Internet offers excellent opportunities for its maintenance. Actions
    can be hidden behind a veil of anonymity that can range from the use
    of ubiquitous cybercafes to sophisticated efforts to cover Internet
    routing.
    
    Organized crime has always selected particular industries as targets
    for infiltration and the exercise of illicit influence. In the past,
    these have included the New York City garbage hauling and construction
    industries, the construction and toxic waste disposal industries in
    Italy, and the banking and aluminum industries in Russia. From an
    organized crime perspective, the Internet and the growth of e-commerce
    present a new set of targets for infiltration and the exercise of
    influence -- a prospect that suggests that Internet technology and
    service firms should be particularly careful about prospective
    partners and financial supporters.
    
    In sum, the synergy between organized crime and the Internet is not
    only very natural but also one that is likely to flourish and develop
    even further in the future. The Internet provides both channels and
    targets for crime and enables them to be exploited for considerable
    gain with a very low level of risk. For organized crime it is
    difficult to ask for more. It is critical, therefore, to identify some
    of the ways in which organized crime is already overlapping with
    cybercrime.
    
    Major Trends in Organized Crime and CyberCrime
    
    Organized crime groups are using the Internet for major fraud and
    theft activities. Perhaps the most notable example of this -- albeit
    an unsuccessful one -- occurred in October 2000 and concerned the Bank
    of Sicily. A group of about 20 people, some of whom were connected to
    mafia families, working with an insider, created a digital clone of
    the bank's online component. The group then planned to use this to
    divert about $400 million allocated by the European Union to regional
    projects in Sicily. The money was to be laundered through various
    financial institutions, including the Vatican bank and banks in
    Switzerland and Portugal. The scheme was foiled when one member of the
    group informed the authorities. Nevertheless, it revealed very clearly
    that organized crime sees enormous opportunities for profit stemming
    from the growth of electronic banking and electronic commerce.
    
    Indeed, organized crime diversification into various forms of Internet
    crime is closely related to a second discernible trend -- organized
    crime involvement in what was once categorized as white-collar crime.
    The activities of the U.S. mob and Russian criminal organizations on
    Wall Street fall into this category. During the late 1990s there were
    numerous cases of criminal organizations manipulating microcap stocks
    using classic "pump and dump" techniques. While much of this was done
    through coercion or control of brokerage houses, the Internet was also
    used to distribute information that artificially inflated the price of
    the stocks. Among those involved were members of the Bonnano,
    Genovese, and Colombo crime families as well as Russian immigrant
    members of the Bor organized crime group. As criminal organizations
    move away from their more traditional "strong arm" activities and
    increasingly focus on opportunities for white-collar or financial
    crime, then Internet-based activities will become even more prevalent.
    Since Internet-related stock fraud results in a
    $10,000-million-per-year loss to investors, it offers a particularly
    lucrative area for organized crime involvement.
    
    This is not to suggest that organized crime will change its character.
    Its inherent willingness to use force and intimidation is well suited
    to the development of sophisticated cyberextortion schemes that
    threaten to disrupt information and communication systems and destroy
    data. The growth of cyberextortion is a third significant trend.
    Extortion schemes are sometimes bungled, but they can be conducted
    anonymously and incur only modest risks, while still yielding high
    pay-offs. Indeed, this might already be a form of crime that is
    significantly under-reported. Yet it is also one that we can expect to
    see expand considerably as organized crime moves enthusiastically to
    exploit the new vulnerabilities that come with increased reliance on
    networked systems.
    
    A fourth trend is the use of what were initially nuisance tools for
    more overtly criminal activities. Perhaps the most notable example of
    this occurred in late 2000 when a variation of a virus known as the
    Love Bug was used in an effort to gain access to account passwords in
    the Union Bank of Switzerland and at least two banks in the United
    States. Although this episode received little attention -- and it is
    not entirely clear who the perpetrators were -- it gives added
    credence to the theory that organized crime is developing
    relationships with technically skilled hackers.
    
    A fifth trend that we can expect to see is what might be termed
    jurisdictional arbitrage. Cybercrimes -- certainly when they are
    linked to organized crime -- will increasingly be initiated from
    jurisdictions that have few if any laws directed against cybercrime
    and/or little capacity to enforce laws against cybercrime. This was
    one of the lessons of the Love Bug virus. Although the virus spread
    worldwide and cost business thousands of millions of dollars, when FBI
    agents succeeded in identifying the perpetrator, a student in the
    Philippines, they also found that there were no laws under which he
    could be prosecuted. The Philippines acted soon thereafter to pass
    prohibitions on cybercrimes, and other countries have followed. Still,
    jurisdictional voids remain, allowing criminals and hackers to operate
    with impunity. Indeed, it is possible that some jurisdictions will
    increasingly seek to exploit a permissive attitude to attract
    business, creating information safe havens (paralleling offshore tax
    havens and bank secrecy jurisdictions) that make it difficult for law
    enforcement to follow information trails, and offering insulated
    cyber-business operations from which illicit businesses can operate
    with a minimum of interference.
    
    A sixth trend is that the Internet is increasingly likely to be used
    for money laundering. As the Internet becomes the medium through which
    more and more international trade takes place, the opportunities for
    laundering money through over-invoicing and under-invoicing are likely
    to grow. Online auctions offer similar opportunities to move money
    through apparently legitimate purchases, but paying much more than
    goods are worth. Online gambling also makes it possible to move money
    -- especially to offshore financial centers in the Caribbean.
    Moreover, as e-money and electronic banking become more widespread the
    opportunities to conceal the movement of the proceeds of crime in an
    increasing pool of illegal transactions are also likely to grow.
    
    A seventh trend involves growing network connections between hackers
    or small-time criminals and organized crime. In September 1999, for
    example, two members of a U.S.-based group known as the "Phonemasters"
    were convicted and jailed for their penetration of the computer
    systems of the telecommunications companies MCI, Sprint, AT&T, and
    Equifax. One of those convicted, Calvin Cantrell, had downloaded
    thousands of Sprint calling card numbers. They were sold to a
    Canadian, passed back through the United States, resold to another
    individual in Switzerland, and finally the calling cards ended up in
    the hands of organized crime groups in Italy. Network connections
    between the two kinds of groups are likely to deepen and widen.
    
    In addition, of course, organized crime groups use the Internet for
    communications (usually encrypted) and for any other purposes when
    they see it as useful and profitable. Indeed, organized crime is
    proving as flexible and adaptable in its exploitation of
    cyberopportunities as it is in any other opportunities for illegal
    activity. The implications are far-reaching and require a response
    from government that is strategic, multi-level, multilateral, and
    transnational in nature.
    
    Responses to the Organized Crime-CyberCrime Synergy
    
    The response to the growing overlap between organized crime and
    cybercrime requires a truly comprehensive strategy. There are
    precedents and models for this that can be particularly helpful, even
    allowing for the need to balance law enforcement and national security
    concerns against such considerations as personal privacy. The key
    principles that have guided the international community's responses to
    transnational organized crime and money laundering can serve as one
    good model.
    
    The Financial Action Task Force (FATF), a body set up by the G-7, has
    attempted to create norms and standards for governments and financial
    institutions to follow in the development of laws, regulations, and
    enforcement mechanisms at the national level. Although criticisms can
    be made of the FATF, in 2000 it launched an effective "name and shame"
    campaign that identified 15 "non-cooperative" jurisdictions whose
    efforts to combat money laundering were grossly inadequate. In some
    cases, the results were remarkable, leading to much more stringent
    anti-money laundering programs and far greater transparency of
    financial activities. While the FATF's campaign was the culmination of
    a 10-year effort, it nevertheless provides an approach that could
    usefully be emulated by the international community as it moves to
    combat cybercrime. The Council of Europe Convention on Cybercrime,
    largely supported by the United States, is the first major step in
    this direction and can be understood as the beginning of the process
    of setting norms and standards that national governments ultimately
    will be expected to meet in their legislative, regulatory, and
    enforcement efforts.
    
    Underlying the convention approach is a fundamental recognition of the
    need to harmonize national laws. In recent years, international
    cooperation in law enforcement has been achieved through a series of
    extradition and mutual legal assistance treaties (MLATs) that allow
    governments to share information and evidence with each other. For
    MLATs and extradition treaties to go into effect, however, there is
    usually a requirement of dual criminality (i.e. the crime involved
    must be designated as a crime in both jurisdictions). In other words,
    international cooperation is enormously facilitated by convergence of
    what is criminalized in national jurisdictions. Furthermore, as
    pointed out by Ernesto Savona, head of the Transcrime Research Center
    in Trento, Italy, the imposition of similar laws in various countries
    both spreads the risks that criminal organizations have to confront
    and goes some way towards equalizing the risks across jurisdictions.
    In effect, the more widespread the laws, the fewer the safe havens
    from which organized crime-controlled hackers (or indeed individual
    hackers) can operate with impunity
    
    Harmonization is necessary for both substantive and procedural laws.
    All countries have to reappraise and revise rules of evidence, search
    and seizure, electronic eavesdropping, and the like to cover digitized
    information, modern computer and communication systems, and the global
    nature of the Internet. Greater coordination of procedural laws,
    therefore, would facilitate cooperation in investigations that cover
    multiple jurisdictions.
    
    In addition to appropriate laws, it is also important that governments
    and law enforcement agencies develop the capacity for implementation
    of these laws. This requires the development of expertise in the area
    of cybercrime as well as effective information sharing across agencies
    within a country and across national borders. Moreover, this sharing
    has to go beyond traditional law enforcement bodies to include
    national security and intelligence agencies. It is also essential to
    create specialized law enforcement units to deal with cybercrime
    issues at the national level. Such units can also provide a basis for
    both formal international cooperation and informal cooperation based
    on transnational networks of trust among law enforcement agents. Ad
    hoc cooperation and multinational task forces can both prove
    particularly useful -- and there are already cases where international
    cooperation has been very effective. Indeed, successful cooperation
    can breed emulation and further success.
    
    The other important component of a strategy to combat cybercrime is
    partnership between governments and industry, especially the
    information technology sector. Once again, there are precedents. In
    recent years, the major oil companies, although very competitive with
    one another, established information sharing arrangements and worked
    very closely with law enforcement to minimize infiltration by
    organized crime figures and criminal companies. Government-private
    sector cooperation of this kind is not always easy but it is clear
    that a degree of mutual trust can make a difference. For cooperation
    to be extended, law enforcement agencies have to exercise considerable
    care and discretion not to expose company vulnerabilities, while the
    companies themselves have to be willing to report any criminal
    activities directed against their information and communication
    systems.
    
    Even if considerable progress is made in all these areas, organized
    crime and cybercrime will continue to flourish. If steps are made in
    these directions, however, then there is at least some chance that
    cybercrime can be contained within acceptable bounds, that it will not
    undermine confidence in electronic commerce, that it will not so
    enrich organized crime groups that they can further corrupt and
    threaten governments, and that the big winner from the growth of the
    Internet will not be organized crime.
    
    (1) Refers to the German philosopher Karl Von Clausewitz, well-known
    for the maxim "war is the continuation of policy by other means."
    
    (The Washington File is a product of the Office of International
    Information Programs, U.S. Department of State. Web site:
    usinfo.state.gov)
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Tue Aug 14 2001 - 09:07:39 PDT