McAfee and the FBI teamed up at Black Hat to discuss Russian online organized crime. The standing room only presentation was part fact and part hype. With a mission to publicize the FBI's work, Russians were made to be some of the most organized and threatening of all cybercriminals. While this could be true, the connections to American and other hackers around the world were drawn and cannot be ignored.Composed of money laundering, botnets, hacking, and other activities, organized crime racks up $256 Million USD a year in losses for US organizations alone. This figure is based on losses reported to the FBI's Internet Crime Compliant Center (IC3) in 2008.
Tracking down Russian online cybercriminals is a difficult task and one where the FBI often fails. With crimes occurring in the US linked to Eastern Europe, such as the TJX breach, global cybercrime is hitting home. It is important for US law enforcement to be aware of and attempt to shut down these global rings.
Punishment for cybercriminals in Russia is so disproportionate with the rewards for committing such crimes that the criminals are not deterred and will continue to perform the crimes once released. One such criminal, whose testimony was presented during the Black Hat talk, received only 6 months in jail and commented that he will commit the same crimes once he is released.
As early as 1994 the Russian organized crime groups have been seen as a threat when they stole $10M USD from Citibank, much of which was never recovered. Throughout the years activities around the world have been tracked to Russian groups. Russian cybercrime has even been connected to the 2007 London bombings carried out by Al Qaeda. Much of this activity has been under the veil of political hacktivism. The "criminals" do not believe their activities are crimes. Instead they seem themselves as political activists and fighting a war against opponents while making a living.
With complex forums, groups, and communications methods, lack of real punishment, and ease of execution, there is no incentive for these groups to stop their activities. Until there are stricter punishments and more protections in place, the Russian cybercrime threat is here to stay.