lolloj - Fotolia

Global cyber crime worth $1.5tn a year, study reveals

Cyber criminal operations worldwide are generating revenues that equal the GDP of Russia though a web of profit that involves legitimate businesses, research has revealed

Cyber criminal revenues worldwide are at least $1.5tn, according to “conservative estimates” in a study into the macro economics of cyber crime and how the various elements link together by Michael McGuire, senior lecturer in criminology at Surrey University.

The overall estimate is made up of estimated earnings of $860bn from Illicit/illegal online markets, $500bn from intellectual property theft, $160bn from data trading, $1.6bn from crimeware-as-a-service, and $1bn from ransomware.

If cyber crime were a country, then it would have the 13th highest gross domestic profit (GDP) in the world, according to the study commissioned by virtualisation-based security firm Bromium.

The study exposes the professionalisation of cyber crime and details how cyber criminal profits are acquired, laundered, spent and reinvested.

The research points to an emergence of platform criminality, mirroring the platform capitalism currently used by companies like Uber and Amazon, where data is the commodity. The report raises concerns this platform criminality model is enabling and funding broader criminal activities, such as human trafficking, drug production and distribution, and even terrorism.

Cyber crime can no longer be compared to a business because it is now an economy, with an interconnected web of profit that blurs the lines between the legitimate and illegitimate, with both feeding off one another, according to said McGuire, who is to present the full findings of the nine-month Web of Profit study at the RSA Conference in San Francisco.

“We are looking at a hyper-connected range of economic agents, economic relationships and other factors now capable of generating, supporting, and maintaining criminal revenues at unprecedented scales,” he said.

Read more about cyber crime

The research presents evidence that cyber crime revenues often exceed those of legitimate companies, especially at the small to mid-range size.

The report suggests that there is now a growing interconnectedness and interdependence between both the illegitimate and legitimate economies. This inter-dependence is creating what McGuire terms “The Web of Profit”.

McGuire argues that “companies and nation states now make money from this web of profit. They also acquire data and competitive advantages from it, and use it as a tool for strategy, global advancement and social control.

“There is a range of ways in which many leading and respectable online platforms are now implicated in enabling or supporting crime, albeit unwittingly, in most cases,” said McGuire.

Platform capitalism – a term used to describe companies like Uber, Facebook, Amazon – is offering fertile ground for hackers to further their gains. Whether by hacking companies to acquire user data, disseminate malware, sell illegal goods and services, set up fake shop fronts to launder money or simply connecti buyers and sellers, the report said it is evident that cyber criminals are adept at manipulating existing platforms for commercial gain.

“This is creating a kind of ‘monstrous double’ of the legitimate information economy – where data is king,” said McGuire. “The Web of Profit is not just feeding off the way wealth is generated there, it is reproducing and, in some cases, outperforming it.”

Post-crime reality

The report shows that cyber criminal platform owners are likely to receive the biggest benefit from this new wave of cyber crime, and that the owners will distance themselves from the actual commission of crime. In fact, it has been estimated individual hackers may only earn around $30,000 a year. Managers can earn up to $2m, with just 50 stolen card details at their disposal.

McGuire refers to this as a shift to “post-crime” reality, where cybercriminals are taking a “platform capitalism” approach to selling, rather than committing crime.

In fact, McGuire found criminal sites offering ratings, descriptions, reviews, services, and even technical and customer support. These platforms are improving the criminal ‘customer experience’ and allowing easy access to services and products that support the commission of crime on a global scale.

Some examples of services and products found to be available include:

  • Zero-day Adobe exploits ($30,000)
  • Zero-day iOS exploit ($250,000)
  • Malware exploit kit ($200-$600 per exploit)
  • Blackhole exploit kit ($700 a month or $1,500 a year)

The report identifies the development of cyber crime growth-cycles, where money generated from cyber crime is being reinvested into further crime. Many of the larger cyber crime operations, which have been detected, typically reinvest revenues into expanding and developing the operation – like buying more crime ware, maintaining a website, paying mules, or other criminal requirements.

Cyber crime and terrorism

Reinvestment includes spending money to support other types of crime such as drug and human trafficking, and McGuire also found a connection between cyber crime and terrorism. The report highlights one case where cyber crimes were committed specifically to generate more than $3.5m for terrorist activities.

“The findings of the research provide shocking insight into just how widespread and profitable cyber crime has become,” said Gregory Webb, CEO for Bromium. “The platform criminality model is productising malware and making cyber crime as easy as shopping online. Not only is it easy to access cyber criminal services and expertise; it means business – both public and private – are going to see more attacks with increasing sophistication.

“We expect an onslaught of attacks as he web of profit gains momentum. We can’t solve this problem using old technology. It’s time for new approaches.”

Read more on Hackers and cybercrime prevention