Kaspersky Lab’s Computer Incidents Investigation Department (CIID) has detailed in its report, “The Russian Cybercrime Underground: How it works” that more than 95 per cent of Russian cyber incidents used malicious software, often successfully, to steal funds.
Kaspersky Lab dedicated the last three and a half years to investigating over 330 cyber security incidents, which affected government and private-sector organisations. The details of the discoveries and other key findings have now been compiled into a Kaspersky Lab security report which has now been released.
The key findings are:
- More than 160 people from Russia and its neighbouring countries were arrested between 2012 and 2015, by law enforcement agencies in different countries around the world. All those arrested were suspected of conducting financial cyber crime.
- To put this into perspective the estimated damage - which exceeds $790 million dollars – would be comparable to the damage caused by the infamous Carbanak gang (whose members are still at large). The total combined haul of stolen money would be more than $1.7 billon dollars.
- Interestingly, the gangs stole more than $500 million of their total haul ($1.7 billion) from countries that were not formerly part of the USSR.
- Kaspersky point to evidence that suggests that there is an organised hierarchy of cyber criminals with perhaps fewer than 20 gang “leaders” and moneymen, most of who have yet to be arested. However, the gangs’ have a workforce of over 1000 individuals involved in cyber crime from Russia and its neighbouring countries.
- Kaspersky Lab’s is currently investigating five large cyber criminal groups that they believe to be actively involved in stealing money using malicious software.
Kaspersky Lab said: “Unlike other local cyber-undergrounds – for example, in Brazil – enterprising Russian-speaking cybercriminals don't just focus on local targets. They are an international problem and we think that the scale of the threat will only continue to grow.
"With the recent devaluation of the rouble, Russian cybercriminals have a greater incentive to shift their attention away from local targets towards foreign ones where they see an opportunity for greater illicit gains."
Image source: Shutterstock/igor.stevanovic