Adventures in the dark underworld of cyberspace

Anyone who reads the news will have a clear idea of what “crime” involves. There are guns, welding torches, gangsters marauding through banks armed to the teeth. But the true extent of illegal activities stretches far beyond the violent crimes we are all too familiar with, and into a world where criminals operate comfortably from behind a screen.

In fact, the underground Internet economy of cybercrime is a mirror image of the world we see every day. There are employees, bosses and online marketplaces, as well as corporations that could give give even some of the largest Silicon Valley giants a run for their money. It’s a world where, instead of trading goods such as clothes or bicycles, people trade and sell illegal data, as well as the tools used to obtain it.

Underground operations

You don’t need to be a member of the mob or have a penchant for violence to succeed in the underground economy. This mysterious marketplace is populated with criminals ranging from 11 year old “script kiddies” cutting their programming teeth, through to 70 year old cyber-veterans, who may have cut theirs a little too much. But they all have one thing in common: they are all contributing to an industry that is worth a startling £1 trillion in stolen goods.

So how does an economy that relies so heavily on illegal activity continue to support itself? It may seem counter-intuitive, but just like with our everyday transactions, the underground economy relies on a network of trust.

Like the ecosystems of well known Internet auction sites , sellers and buyers are given feedback, which adds an extra layer of assurance to the buyer that they are completing a reliable transaction. Similarly, cyber-criminals populating this space tend to rely on a form of feedback scoring that publicly displays the ability of the users to reliably deliver the information, data or money needed to complete the transactions.

The loot

The type of data stolen typically includes passwords and credit card details, but it may also include; trades for firearms, appliances, intellectual property, education and identity documents, which can all be purchased over the Internet without much hassle.

While a simple date of birth doesn’t seem to be that valuable, if paired with other key identifiers such as the Mother’s maiden name, for instance, it enables cybercriminals to unlock almost every door to a user’s identity, allowing the criminals to make physical purchases, withdraw cash or even obtain passports illegally.

It is also worth noting that the community of the underground economy appears to be very structured, with real human beings bridging the gap between virtual theft and real goods delivery. Criminals can be sitting outside a physical address waiting for a delivery to arrive, withdrawing money from a Western Union branch under a fake identity in return for a percentage of the cash, to launching distributed denial of service (DDoS) attacks to divert attention from other crimes.

This poses serious threats to companies that depend on intellectual property (IP) for their revenue. There have been numerous documented losses of millions of dollars attributed to IP theft alone.

For instance, authorities in the United States indicted five Chinese hackers back in May for widespread attempts to steal IP from US firms and sell it to private companies in China. The co-conspirators used e-mail messages known as ‘spearfishing’ messages to trick unwitting recipients into giving the co-conspirators access to their computers.”

The Wall Street of cybercrime

If you have ever wondered where these deals are signed off, trading occurs in apparently normal looking IRC chats or forums 24 hours a day. Despite the illegal nature of the topics discussed, these websites tend to state legitimate sounding disclaimers, hiding in plain sight and protecting themselves from accusations of running a criminal enterprise. And over the last two or three years, as evidenced by the “Silk Road” takedown, this has moved largely to the “Deep Web” where there are no pretensions. Reached using anonymous systems, hidden from traditional search engines, and often dynamically relocated, this is where the “heavy” criminal activity takes place.

The transactions include a world of lexicon unfamiliar to the rest of us, with cyber criminals banding about words and phrases such as “fullz” (i.e. full identity records), “cvvs” (i.e. credit card tracking information) and “socks” or private desktop access and proxies to you and me. The sheer volume of data being exchanged is staggering, with chat rooms able to host more than 500 people at any one time on a regular basis, trading information at an agreed price.

Although not always profitable, this business certainly represents a serious threat to the safety of all of us. The size of this underground operation is huge, with cyber-attacks widely used during the early 2000s by the Russian mafia to blackmail shop keepers with a warning message prior to an armed robbery. Cybercrime might not resonate as loud as a gunshot, but it certainly carries the same danger.

A beacon of hope

This underground world is a constant threat to both private users and businesses, fortunately there is a chance to act upon it and implement necessary measures in order to protect our domains against the many forms of cyber-attack out there.

However state-of-the-art technology allows on-demand cloud-based protection against fraud, to stop suspicious transactions and block them before they can wipe our bank account clean. Similarly, businesses can benefit from even more sophisticated services such as DNS filtering, which can be deployed to stop potentially harmful websites before they reach our network, or block specific sites in the first place.

However we can now more effectively defend our web traffic and protect ourselves against viruses, malware, and criminal attacks to enjoy a safer and smoother web experience, knowing that help can come to the rescue in matter of minutes.

Rodney Joffe is the senior vice president of Neustar