
Latest news with #JohnWojcik

The Uber of the underworld

Mint

5 days ago


EVERYTHING'S POSSIBLE at Harrods, proclaims the website of Britain's glitziest department store. Alas, on May 1st this universe of possibilities included an attempted cyber-attack that forced the company to restrict internet access at its sites, it said. The attempted intrusion came just days after hackers took down computer systems at Marks & Spencer (M&S), a supermarket and clothing retailer which says the disruptions will cost it some £300m ($405m).

These breaches, which also hit the Co-op supermarket chain, were more than just costly cyber-attacks. They are worrying examples of how crime is evolving beyond simple street thuggery, or even the work of small groups of clever hackers, into a global service economy where anyone with cryptocurrency can buy the tools to paralyse a multinational corporation.

One of the chief suspects in the attacks on Britain's high street is the hacker collective Scattered Spider, according to Britain's National Crime Agency, which investigates serious and organised crime. Scattered Spider is not a traditional, hierarchical mafia. Instead it is a fluid network of young hackers who may never meet in person, yet can co-ordinate devastating attacks across continents. They are thought to have used DragonForce, a ransomware-as-a-service platform that gives criminals the software to carry out attacks in which they encrypt the victim's data or otherwise block their access to computer systems until a ransom is paid.

Just as Uber upended the taxi industry and Airbnb reshaped the hotel business, the criminal underworld is undergoing its own digital revolution. Criminals who might once have committed crimes themselves are now becoming service providers in a vast underground marketplace. This new service model "is evolving at a rate that we've never previously seen", says John Wojcik of the United Nations Office on Drugs and Crime (UNODC).

The exact cost of cybercrime cannot be known, since much of it happens in the shadows and victims of ransomware attacks may be reluctant to report the crimes. Sometimes this is out of fear that doing so will harm their reputation among customers or that it could result in them being fined under data-protection laws. Nevertheless, it is clear that the scale is staggering, with billions, possibly trillions, of dollars in economic costs each year.

The low end of the range comes from tallies of reported crimes by law-enforcement agencies. The FBI said it received reports of direct losses of $16.6bn in 2024, a 33% increase over 2023. Adding in unreported losses and wider economic costs leads to bigger numbers. Britain puts its current annual losses at more than £27bn (based on old data). The European Commission reckons that the worldwide costs of cybercrime were €5.5trn ($6.5trn) in 2021.

Though estimates of the full cost differ, almost all studies suggest that cybercrime is booming. One reason is the emergence of DragonForce and other similar providers of plug-and-play hacking kits, which give even unskilled criminals the ability to launch ransomware attacks. This dramatically lowers the barriers for newcomers, who no longer have to write their own malware.

Moreover, a wider ecosystem of criminal services is developing. This allows hackers to buy, rather than steal, the personal data they need to identify potential victims or to work out how to launder ransom payments. Many of these services are accessed through online forums or messaging apps, such as Telegram, and are often paid for with cryptocurrency.

Hackers who develop ransomware use a variety of business models from selling the basic code, which sometimes costs as little as $2,000, to ransomware-as-a-service. Under the service model a client (or affiliate) gets access to a web portal that lets them customise the ransomware. Some groups also provide a communications portal, through which their clients can negotiate anonymously with their victims. In exchange for these services they take a share of the profits. Market forces and competition have pushed these down to around 10-20% from around 30-40% a few years ago.

Keeping secrets

This new modular model is not easily thwarted by law-enforcement officials. When cybercrime operates through countless providers, shutting down one node barely dents the system. In 2023 Scattered Spider attacked Caesars Entertainment and MGM Resorts International, two American casino operators, yet the FBI struggled to dismantle the network.

Criminal business models are also evolving. DragonForce uses a double extortion method. The service both steals a copy of its victim's data and also encrypts it on the victim's computer system. Thus it can demand two separate ransoms: one to unscramble the data and another to delete the stolen copy. Firms that refuse to pay face the threat that their data will be leaked to other cyber-criminals.

The targeting of large retailers such as M&S, Co-op and Harrods is not random: these sorts of firms house troves of customer data. After Scattered Spider's attacks on the British retailers, Google warned on May 21st that the group is turning its attention to American retailers. The sorts of personal information big retailers hold—names, email addresses, credit-card details, shopping habits, even browsing histories that reveal personal interests—are the backbone of modern retailing. These data are among cybercrime's most valuable commodities. With this information criminals can craft more convincing phishing attacks (emails that impersonate legitimate companies in order to trick people into divulging passwords or financial information), launch targeted malware attacks and commit fraud.

Underground markets, hosted on messaging apps or on the dark web, now serve as trading hubs where vendors sell stolen credit-card details, bank records and other confidential data. Beyond hacking large retailers, criminals who specialise in stealing and selling data also target banks, investment firms and other financial companies for information about wealthy clients and other profitable targets.

Increasingly, criminals use information-stealing malware, often distributed through phishing emails or malicious ads, that infects computers and smartphones. This malware harvests browsing history, saved passwords (including from internet banking), chat logs, cryptocurrency-wallet details and other personal content. Among these password-stealers are RedLine Infostealer, which has been used to infiltrate major corporations, and META Infostealer (not to be confused with the company that runs Facebook). They are distributed through a decentralised malware-as-a-service model in which cybercriminals either buy a lifetime licence for $900 or subscribe to use it at a cost of $150 a month, according to a criminal complaint filed by America's Department of Justice before a court in Texas in 2022. One cyber-security expert now reckons that the cost of a lifetime licence has increased to $10,000.

Adding fuel to the fire is artificial intelligence (AI), which has already transformed two common types of cybercrime: producing malware and conducting phishing attacks. In the past, gangs would have needed experts with advanced coding skills to write malware or to tailor it to specific targets, tasks that are easily done by generative AI. "What might have previously taken an advanced criminal group weeks to figure out is now available to any criminal in minutes," says Jeff Sims of Infoblox, a security firm. AI also allows criminals to produce convincing, well-written phishing messages (often in languages that are not their own). These are more likely to succeed in deceiving victims, especially when combined with stolen data. Crime syndicates, for example Chinese groups operating out of South-East Asia, are using AI to translate scripts for romance scams, fake job offers or fraudulent investments, letting them target victims around the world.

Paying the bounty

Law-enforcement agencies have tended to focus on trying to shut down or disrupt the providers of ransomware. In late May an operation by European and North American agencies dismantled an extensive network and issued arrest warrants for 20 people. Yet the continued growth in this sort of crime suggests that enforcement is failing, leading to more draconian proposals.

Britain plans to outlaw payment of ransoms by public-sector bodies and operators of critical infrastructure, hoping this will make them less attractive as targets. Those not subject to this ban would still have to report ransomware attacks to the authorities, which would allow law-enforcement officials to block ransom payments. Yet legal experts fret this will not stop cyberattacks (since hackers may still get customer data that they can sell) nor protect companies, which could collapse if they cannot regain control of their data.

If nothing else, the dilemma over how to deter the new breed of cybercriminals highlights how one of the world's fastest-growing criminal threats comes not from armed gangsters, but from geeks writing and selling code in the burgeoning underworld of the criminal gig economy.

UN: Billion-dollar cyberscam industry spreading globally

Malay Mail

22-04-2025


BANGKOK, April 22 — Asian crime syndicates behind the multibillion-dollar cyberscam industry are expanding globally including to South America and Africa, as raids in Southeast Asia fail to contain their activities, the United Nations said in a report on Monday. Criminal networks that emerged in Southeast Asia in recent years, opening sprawling compounds housing tens of thousands of workers, many trafficked and forced to scam victims around the world, have evolved into a sophisticated global industry, the United Nations Office on Drugs and Crime (UNODC) said. Even as Southeast Asian governments have intensified a crackdown, syndicates have moved within and beyond the region, the agency said, adding that a 'potentially irreversible spillover has taken place... leaving criminal groups free to pick, choose, and move... as needed'. 'It spreads like a cancer,' said Benedikt Hofmann, UNODC acting regional representative for Southeast Asia and the Pacific. 'Authorities treat it in one area, but the roots never disappear; they simply migrate.' Conservative estimates indicate there are hundreds of large-scale scam farms around the world generating tens of billions of dollars in annual profits, the UNODC said. The agency called on countries to work together and intensify efforts to disrupt the gangs' financing. 'The regional cyberfraud industry... has outpaced other transnational crimes, given that it is easily scalable and able to reach millions of potential victims online, with no need to move or traffic illicit goods across borders,' said John Wojcik, a regional analyst with UNODC. The United States alone reported more than US$5.6 billion (RM7.3 billion) in losses to cryptocurrency scams in 2023, including more than US$4 billion in so-called pig-butchering scams or romance scams designed to extort money from often elderly and vulnerable people. 
'Inflection point'

In recent months, authorities from China, where many of the gangs originate, Thailand and Myanmar have led a crackdown on scam operations in lawless areas of the Thai-Myanmar border, with Thailand cutting power, fuel and internet supply to areas housing scam compounds. But syndicates have adapted, shifting operations between 'the most remote, vulnerable, and underprepared parts of Southeast Asia', especially in Laos, Myanmar, and Cambodia, and beyond, exploiting jurisdictions with weak governance and high rates of corruption, the UNODC said. Raids in parts of Cambodia where the industry is most visible 'led to significant expansion in more remote locations', including the country's western Koh Kong province, as well as areas bordering Thailand and Vietnam, the UN agency said. Cambodian government spokesman Pen Bona said the country is among the victims of the cyberfraud industry and is committed to fighting it. The government recently established an ad-hoc commission chaired by Prime Minister Hun Manet to address the issue by strengthening law enforcement, developing a legislative framework and increasing collaboration with partner nations and the UN, he said. To overcome the 'complex problem, we need collaboration not blame', he said. A spokesperson for the Myanmar junta did not immediately respond to requests for comment. Syndicates have expanded into South America, the UN agency said, seeking to enhance money laundering and underground banking partnerships with South American drug cartels. They are increasingly establishing operations in Africa, including in Zambia, Angola, and Namibia, and in Eastern Europe including Georgia, the agency said. Gangs have also rapidly diversified their workforce, recruiting people from dozens of nationalities, according to the agency, reflecting how the industry scams targets across the globe and has sought to evade anti-trafficking efforts.
Citizens of more than 50 countries - from Brazil to Nigeria, Sri Lanka and Uzbekistan - were rescued during recent crackdowns on the Thai-Myanmar border. The international community is at a 'critical inflection point,' the UNODC said, urging that failure to address the problem would have 'unprecedented consequences for Southeast Asia that reverberate globally'. — Reuters

Billion-dollar cyberscam industry spreading globally, UN says, World News

AsiaOne

22-04-2025


BANGKOK — Asian crime syndicates behind the multibillion-dollar cyberscam industry are expanding globally including to South America and Africa, as raids in Southeast Asia fail to contain their activities, the United Nations said in a report on Monday (April 22). Criminal networks that emerged in Southeast Asia in recent years, opening sprawling compounds housing tens of thousands of workers, many trafficked and forced to scam victims around the world, have evolved into a sophisticated global industry, the United Nations Office on Drugs and Crime (UNODC) said. Even as Southeast Asian governments have intensified a crackdown, syndicates have moved within and beyond the region, the agency said, adding that a "potentially irreversible spillover has taken place... leaving criminal groups free to pick, choose, and move... as needed". "It spreads like a cancer," said Benedikt Hofmann, UNODC acting regional representative for Southeast Asia and the Pacific. "Authorities treat it in one area, but the roots never disappear; they simply migrate." Conservative estimates indicate there are hundreds of large-scale scam farms around the world generating tens of billions of dollars in annual profits, the UNODC said. The agency called on countries to work together and intensify efforts to disrupt the gangs' financing. "The regional cyberfraud industry... has outpaced other transnational crimes, given that it is easily scalable and able to reach millions of potential victims online, with no need to move or traffic illicit goods across borders," said John Wojcik, a regional analyst with UNODC. The United States alone reported more than US$5.6 billion (S$7.3 billion) in losses to cryptocurrency scams in 2023, including more than US$4 billion in so-called pig-butchering scams or romance scams designed to extort money from often elderly and vulnerable people. 
'Inflection point'

In recent months, authorities from China, where many of the gangs originate, Thailand and Myanmar have led a crackdown on scam operations in lawless areas of the Thai-Myanmar border, with Thailand cutting power, fuel and internet supply to areas housing scam compounds. But syndicates have adapted, shifting operations between "the most remote, vulnerable, and underprepared parts of Southeast Asia", especially in Laos, Myanmar, and Cambodia, and beyond, exploiting jurisdictions with weak governance and high rates of corruption, the UNODC said. Raids in parts of Cambodia where the industry is most visible "led to significant expansion in more remote locations", including the country's western Koh Kong province, as well as areas bordering Thailand and Vietnam, the UN agency said. Cambodian government spokesman Pen Bona said the country is among the victims of the cyberfraud industry and is committed to fighting it. The government recently established an ad-hoc commission chaired by Prime Minister Hun Manet to address the issue by strengthening law enforcement, developing a legislative framework and increasing collaboration with partner nations and the UN, he said. To overcome the "complex problem, we need collaboration not blame", he said. A spokesperson for the Myanmar junta did not immediately respond to requests for comment. Syndicates have expanded into South America, the UN agency said, seeking to enhance money laundering and underground banking partnerships with South American drug cartels. They are increasingly establishing operations in Africa, including in Zambia, Angola, and Namibia, and in Eastern Europe including Georgia, the agency said. Gangs have also rapidly diversified their workforce, recruiting people from dozens of nationalities, according to the agency, reflecting how the industry scams targets across the globe and has sought to evade anti-trafficking efforts.
Citizens of more than 50 countries — from Brazil to Nigeria, Sri Lanka and Uzbekistan — were rescued during recent crackdowns on the Thai-Myanmar border. The international community is at a "critical inflection point," the UNODC said, urging that failure to address the problem would have "unprecedented consequences for Southeast Asia that reverberate globally". (This story has been corrected to change 'US$4 million' to 'US$4 billion' in paragraph 7.)

Billion-dollar cyberscam industry spreading globally: UN

Business Recorder

22-04-2025


BANGKOK: Asian crime syndicates behind the multibillion-dollar cyberscam industry are expanding globally including to South America and Africa, as raids in Southeast Asia fail to contain their activities, the United Nations said in a report on Monday. Criminal networks that emerged in Southeast Asia in recent years, opening sprawling compounds housing tens of thousands of workers, many trafficked and forced to scam victims around the world, have evolved into a sophisticated global industry, the United Nations Office on Drugs and Crime (UNODC) said. Even as Southeast Asian governments have intensified a crackdown, syndicates have moved within and beyond the region, the agency said, adding that a 'potentially irreversible spillover has taken place… leaving criminal groups free to pick, choose, and move… as needed'. 'It spreads like a cancer,' said Benedikt Hofmann, UNODC acting regional representative for Southeast Asia and the Pacific. 'Authorities treat it in one area, but the roots never disappear; they simply migrate.' Conservative estimates indicate there are hundreds of large-scale scam farms around the world generating tens of billions of dollars in annual profits, the UNODC said. The agency called on countries to work together and intensify efforts to disrupt the gangs' financing. 'The regional cyberfraud industry… has outpaced other transnational crimes, given that it is easily scalable and able to reach millions of potential victims online, with no need to move or traffic illicit goods across borders,' said John Wojcik, a regional analyst with UNODC. The United States alone reported more than $5.6 billion in losses to cryptocurrency scams in 2023, including more than $4 million in so-called pig-butchering scams or romance scams designed to extort money from often elderly and vulnerable people.

Cyberscam factories are mushrooming worldwide

The Standard

21-04-2025


Asian crime syndicates behind the multibillion-dollar cyberscam industry are expanding globally including to South America and Africa, as raids in Southeast Asia fail to contain their activities, the United Nations reported yesterday. Criminal networks that emerged in Southeast Asia in recent years, opening sprawling compounds housing tens of thousands of workers, many trafficked and forced to scam victims around the world, have evolved into a sophisticated global industry, the UN Office on Drugs and Crime said. Even as Southeast Asian governments have intensified a crackdown, syndicates have moved within and beyond the region, the agency said, adding that a "potentially irreversible spillover has taken place leaving criminal groups free to pick, choose, and move as needed." "It spreads like a cancer," said Benedikt Hofmann, UNODC acting regional representative for Southeast Asia and the Pacific. "Authorities treat it in one area, but the roots never disappear; they simply migrate." Conservative estimates indicate that hundreds of large-scale scam farms around the world are generating tens of billions of dollars in annual profits, the UNODC said. "The regional cyberfraud industry has outpaced other transnational crimes, given that it is easily scalable and able to reach millions of potential victims online, with no need to move or traffic illicit goods across borders," said John Wojcik, a regional analyst with UNODC. The agency said syndicates have expanded into South America while increasingly establishing operations in Africa and Eastern Europe. Gangs have also rapidly diversified their workforce. During recent crackdowns on the Thai-Myanmar border, citizens of more than 50 countries had been rescued. REUTERS
