Where are the Cyber criminals located?

Submitted by Kai on Thu, 2008-08-07 10:14.

And how do they form their "street gangs"?

I'd love your input on this topic. I would be particularly interested in input on how the groups form (if groups exists, that is???), how they overcome communication obstacles, how they find their targets, how the share the work.

As seen in the TJX-case, it seems some of these groups form without caring about national borders, origin and language. In this particular case, at least nine persons formed the group. These persons came from, and are located in, at least six different countries, and spoke a minimum of six languages (my guess the communication would be using English).

In the TJX case we also know quite a bit of how they operated, and how they used the data they stole.

What can we expect in the future? What is going on right now, under our radars? I'd love your input on that!

Kai's blog

Lawyers

Submitted by Kai on Mon, 2008-09-01 08:40.

Hi Nick, There certainly are spammers from the US, as there are spammers in Norway, China and Russia, and numerous other places. And so are the other types of cyber criminals.

As we have seen in several cases lately, the cyber criminals seems to form groups, where members are accepted based on their knowledge and competence, not their location. (Except, they need a steady online connection).

I also agree that from a risk/reward equation, it makes sense to target other countries. But - I am not convinced that there are less US-cyber criminals than in other countries. If that is true, the only reason will be less competence ;) Or - more realistically - the potential cyber criminals in the US (as in Norway) are more likely to be in a well paid job.

Although I'm sure a lot of

Submitted by Nick from Avvo (not verified) on Fri, 2008-08-29 23:27.

Although I'm sure a lot of spam comes from abroad, I think we also get a fair amount originating from the USA as well. The so called spam king is from Seattle, and I was reading about another US spam titan who recently escaped from prison, of all things. I'm not sure of the breakdown of US vs foreign, but there certainly are US spammers. Going outside of spam, however, I would imagine most straight up fraud originates from abroad. From the perspective of a criminal, it makes a lot more sense to perpetrate online crime from abroad. Since Nigerian online scammers, for example, are pretty much never arrested, it makes a lot more sense from a risk/reward equation to do it from abroad- the deal looks a lot better when you don't have to factor in prison and having to find a lawyer.

RBN

Submitted by Kai on Sun, 2008-08-10 17:41.

RBN (Russian Business Network blog) is a great resource for updated information about the RBN group of hackers. And they are doing very well on documenting the activities of RBN. It is really nice of you to remind me (and the readers) that this blog is out there, and the important work they cover!

Slightly off topic, Kai, but

Submitted by Larko (not verified) on Sun, 2008-08-10 16:25.

Slightly off topic, Kai, but highly up to date hot stuff: Not only is Georgia under actual attack by Russia but there is also a massive cyber war against Georgia going on and it is orchestrated by the little less than criminal organization Russian Business Network, which operates under protection of Russian officials. For further details look here and here. I think you may find partial answers to some of your questions in those two posts.

Anywhere else?

Submitted by Kai on Sun, 2008-08-10 11:46.

Hi Larko :)
I think you make good points, and I think you are right too. But, could it be that the cyber criminals - as seen hijacking and stealing privacy data - are located elsewhere?
I also would love input on how these people group together - do they stick to people in their same geographical area, do they stick to the same cyber "geographical" areas, or do they form based on other criteria?
Simply put - how do they meet?
K

My best guess is that a

Submitted by Larko (not verified) on Fri, 2008-08-08 13:47.

My best guess is that a great deal of cyber criminals operate in the same countries where much of spam originates from: Russia (and former Soviet states), China, USA, Turkey etc. That would be logical since spammers and content thieves are often linked with each other and probably have connections with more serious cyber criminals as well. I also have a hunch that many serious cyber criminals have started their career as spammers and are still often recruited from spam circles.