by Charles Sennewald and John Christman (2008)
A four-disc documentary on the mafia in America, from Prohibition to John Gotti.
These organizations adopt various structures. The crime family model obviously still applies when the Mafia is involved. Some groups that seem independent of the Mafia, like the people who ran Carder's Market--an underground site for buying and selling credit card information--also use a Mafia-like structure and terminology. Phishing groups tend to work like Japanese keiretsu, says Cassidy, who is also secretary of the Anti-Phishing Working Group. Cybercriminals sometimes use a hub-and-spoke model, where a criminal mastermind puts together various tools and people needed to pull off a job. Want a botnet? A Symantec study found that on average, you could gain use of one for $225. Need a keystroke logger? Average price: $23. Want someone to host a phishing scam? That can be had for as little as $2. A specific vulnerability in financial sites might cost $3,000.
You can even get specialized versions of malware, websites, etc.--the Verizon 2009 Data Breach report found that 59 percent of the malware it saw was customized. Sometimes the criminals adopt models that look like the software business. You can literally buy "fraud as a service," where criminals subscribe to hosted services--a story first illuminated in CSO's September 2007 article, "Inside the Global Hacker Service Economy" (see www.csoonline.com/article/456863).
Between 70 percent and 80 percent of malware now comes from organized groups, estimates Bogdan Dumitru, CTO at BitDefender, an antivirus firm based in Romania. Lone hackers still break new ground: Dumitru says Twitter malware that's popped up recently was "developed by a kid. But in the next two months we'll probably see organized entities taking advantage of it."
The fluidity of cyberorganizations can make them more difficult for law enforcement to penetrate than their real-world counterparts. But it's not impossible. DarkMarket, a spam and phishing forum, eventually was taken over and hosted on FBI servers. J. Keith Mularski, the supervisory special agent at the FBI assigned to the National Cyber Forensics and Training Unit, ran this site undercover, posing as a spammer named MasterSplynter.