Russian Hackers Gain Third of Global Cybercrime Market, IB Says

Russian-speaking hackers doubled their earnings last year to gain more than one-third of the global market as more traditional organized-crime groups moved into computer-based fraud, a study showed.

Russian-speaking cyber thieves earned about $4.5 billion in 2011, or 36 percent of the world total, through spamming, online banking fraud and other illegal activities, Moscow-based Group-IB said in a report on its website today. About $2.3 billion of that came from criminals based in Russia itself.

The increase reflected the “consolidation of market participants” into several major cybercrime groups “with a centralized management system,” Group-IB said. “This trend leads to the merging of the two criminal worlds with the subsequent resource allocation from the mafia’s traditional areas of control -- prostitution, drug and arms trafficking and so on -- in favor of cybercrime.”

The single most lucrative activity for Russian hackers last year was spamming, which generated an estimated $553 million through mass e-mails advertising counterfeit products such as drugs or designer clothes, according to the report. About $490 million was stolen via Internet banking fraud.

A new trend that emerged last year was the formation of a “cybercrime-to-cybercrime” market of outsourced services provided “on a paid basis by specialized teams of hackers,” Group-IB said.

Banks in particular are coming under increasing pressure from organized hacking groups using increasingly sophisticated botnets, or groups of infected computers that can be used to coordinate attacks, Group-IB said. The largest botnet used against banks consisted of about 2 million computers last year.

Network managers at 104 financial services companies surveyed for Bloomberg Government by the Ponemon Institute LLC this year said cybersecurity was costing them an average of $16.5 million annually. They estimate that it would cost more than 10 times that amount -- the biggest jump of any industry surveyed -- to raise their attack-prevention rate to a level of 95 percent from the current 68 percent.

Before it's here, it's on the Bloomberg Terminal. LEARN MORE