Read the news and it would appear the authorities have been cleaning up when it comes to apprehending cyber criminals. This year has seen a swathe of high profile arrests including:
In February, Russian-born Gennadiy Kapkanov, was arrested in Ukraine. Said to be the head of a global cyber crime gang known as Avalanche, activities centred on stealing bank passwords and according to the FBI, hundreds of millions of dollars have been stolen.
Kapkanov is currently being held in Kiev and it’s the second time he has been arrested – 15 months ago he was held after a shoot-out, again in Ukraine. He was then freed, resulting in outcry that corruption was present. This time it seems a tougher approach is being taken.
In November, Bulgarian police arrested a Russian citizen, Alexander Zhukov, who is wanted by US authorities. He is being held pending extradition to the US, where he is charged with computer fraud and conspiracy to commit this, resulting in losses of some $7 million.
In March, Spanish police arrested the suspected leader of a gang of cyber criminals who stole up to €1 billion from banks. This was done by targeting bank employees with emails, infecting their computers and then gaining control of the network and servers. They authorised fraudulent bank transfers and were able to command ATMs, allowing mules to pick up issued cash.
The individual, understood to be Ukrainian, has only been identified as ‘Denis K’ and is understood to have been involved in malware attacks known as ‘Carbanak’ and ‘Cobalt. The gang had members in 40 countries and carried out attacks on 100 financial institutions.
Whilst the boss is now in jail, cyber security firm Palo Alto Networks said its threat research team Unit 42 has found evidence Denis K’s group is still active, stating: “We have been able to identify both the use of a common macro builder as well as specific document metadata which have allowed us to track and cluster new activity and infrastructure associated with the gang.”
Cyber criminals are multiplying
While these arrests show that police and other bodies are able to track criminals down, their numbers are multiplying. As one bad apple is removed, many more are appearing.
The main reason is that still relatively few are caught and the profits more than make up for the risk. Indeed, as malware protection firm Bromium recently claimed, adept cyber criminals can earn up to £1.4 million a year – those prepared to break the law and with the necessary computer skills, find the lure of cyber crime irresistible.
Bromium’s CEO Gregory Webb commented: “Cyber crime is lucrative, with relatively low-risks compared to other forms of crime. Cyber criminals are rarely caught and convicted because they are virtually invisible. As criminals further monetise their business, allowing anyone to buy pre-packaged malware or hire hackers on demand, the ability to catch the king-pins becomes even more challenging.”
Cyber criminals are notoriously slippery, moving from country to country and many operate under false identities. It can be extremely challenging gathering evidence and there are often jurisdiction issues. Whereas organisations like Europol encourage co-operation, when countries like Russia or China are involved, extradition may be impossible.
But, at least some arrests are being made and beyond this, the closure of dark web marketplaces – Alphabay, Hansa and Ramp, makes it harder for criminals to trade wares. Of course, others exist and will continue to set up, but growing investment in countering cyber attacks may be making the environment for criminals a little less comfortable.