Is the Mafia Taking Over Cyber Crime? Not Really

Don Corleone as criminal cyber mogul?

The criminal part, to be sure. The cyber mogul stuff – not so fast.

In recent years, a narrative has rooted itself in popular imagination that organized crime groups are not only increasing their involvement in cyber crime, but are also taking a leading role in the enterprise. But an upcoming study by a sociologist at the University of Oxford says the conventional wisdom is in many cases flat wrong.

“What is it about traditional organized crime groups that makes them different from other groups? They attempt to go into a criminal market. So, if someone else deals drugs, you want to drive them out or have them pay you,” said Jonathan Lusthaus, who is the Director of the Human Cyber Criminal Project at Oxford. “A mafia isn’t satisfied with controlling one criminal market. They want to control all criminal markets. They want to monopolize all of those industries. Every criminal activity will be under their umbrella.”

Lusthaus, who based his study on 7 years doing fieldwork across 20 countries and interviews with 238 representatives from law enforcement, the private sector, and former cyber criminals, offered a preview of his research at the BlackHat USA 2018 conference. His study, to be published later this year, will argue that the range of connections between Mafias, organized crime – particularly the Russian Mafia – and cyber crime, has been vastly overstated in the popular imagination.

“Overall, I’m suggesting that organized crime is not taking over cyber crime. What I’ve encountered more often is a new class of entrepreneur. They could be operating in a different industry. They’re just doing it in a criminal industry and seeing it as more of a business.”

Cyber Crime Pays

“You hear: `The Russia mafia are the most prolific cyber criminals in the world.’ I hear those ideas frequently,” he said. “The claims are inaccurate.”

In Russia, he said, the reality on the ground is more complex and more nuanced than this broad-brush approach would suggest.

Lusthaus noted that many members of the Russian underworld belong to what’s known as The Vory – thieves-in-law. These gang members came to prominence in the former Soviet prison system, where they developed into a specific criminal fraternity.

“In the 1990s, when the Soviet Union collapsed and [Russia] moved to a free-market economy, everything came up for sale and there was now private property. But you needed that property to be enforced. Russia had a very weak state and didn’t have a police and court system that could enforce deals.”

It was in that atmosphere that the post-Soviet Russian mafia emerged, he said, ready to employ violence to provide this service as an alternative to people willing to pay. It also turned to cyber crime, a development that got played up in the media after a Russian hacker illegally transferred $3.7 million from Citibank in 1994. A Russian Mafia group based in St. Petersburg called the Tambov gang, known for their use of violence, coordinated the delivery of proceeds to Russia.

But despite the spectacular nature of certain individual anecdotes, Lusthaus says the narrative is less compelling. What you find more often – in Russia and other regions he studied – are marriages of convenience where groups come together for short-term arrangements.

“Are we seeing a takeover today? I don’t think so. What we are seeing is some involvement - but not in every case. A lot of former cyber criminals I interviewed don’t want to be involved with (Mafias),” he said. “You have street guys collaborating with nerds. But if you’re some sort of technical guy, do you really want to be in business with organized crime, with someone who can do you physical harm?"

Indeed, rather than seek protection from organized crime, Lusthaus said cyber criminals are more likely to try and bribe members of law enforcement or even politicians in return for protection.

When organized criminals do get involved and cyber criminals do work together, Lusthaus said it usually involves the following activities:

• Providing protection for cyber criminals who may become vulnerable to theft or extortion.
• Investment in certain criminal schemes as a source of funding. Organized crime groups only need to make contact with a cyber criminal group and supply them with a pool of capital furnished from their other operations.
• Function as service providers and as partners for broader cyber crime operations in which organized crime groups leverage their expertise in money laundering and their ability to physically enforce group arrangements.
• Guidance in any proposed cyber crime schemes. This usually involves recruiting those with technical skills, among others, to carry out the jobs.

Lusthaus’s thesis also challenges conventional assumptions about how society ought to combat cyber crime. If we’re talking about a phenomenon that’s basically an organized crime problem, that suggests the response ought to be left primarily with law enforcement.

However, if this boils down to a question of how best to deal with underemployed entrepreneurs and programmers, Lusthaus believes governments should consider policy prescriptions that reduce the incentives for technically adept citizens to partner with organized crime groups. But, he added, that also means there’s some “big picture thinking that needs to happen” and officials will need to grapple with the challenge.

Along with supporting corruption reduction efforts, Lusthaus suggested the creation of initiatives to provide greater access to startup capital and spur more company hiring from affected regions.

“It’s a difficult problem to solve but it’s important to have a discussion nonetheless,” he said.

If you found this information useful, you may also enjoy:

• 2018 Internet Security Threat Report