Cyberattacks on American targets are an emerging national-security threat and an issue for US foreign policy.
But for all the dangers of state-backed, politically motivated hacking, profit-motivated cybercriminals are a more frequent and perhaps much greater hazard for the majority of people.
North Korea may be able to hobble a major movie studio, and the Chinese government has frequently stolen information on US defence hardware.
But individuals are much softer targets than governments or major corporations. And every individual has access to information — ranging from medical data to bank-account numbers to online passwords to basic biographical information — off which enterprising hackers can profit.
Flashpoint, a private intelligence firm that researches online criminal networks, released Thursday its annual report on “highlights and trends in the deep and dark web.” The report, which was provided to Business Insider, gives a sense of how online criminality evolved in 2015.
The firm, which provides proprietary intelligence on dark-web activity, gathered some jarring data about the ease and apparent banality of contemporary online criminal enterprises. For example, Flashpoint found one online marketplace on which cybercriminals were selling hacking victims’ birth dates for as little as $3, for use in verifying fraudulent Google Wallet accounts.
The Flashpoint report portrays an online criminal community that’s becoming increasingly transnational. And with the help of growing foreign connections, dark web users in a country that’s been at the forefront of politically motivated hacking are starting to make a splash on the criminal scene as well.
Flashpoint’s experts have “observed increasing signs indicating the maturing and internationalization of the Chinese cybercrime underground,” the report said.
As the report explained, Chinese cyber criminals have typically transacted through on “one-on-one engagements negotiated via private messages or instant messenger applications.”
But over the past year, they have shown signs of moving on to web forums and established networks that don’t depend on this degree of personal contact. And, according to Flashpoint, these forums are usually “within the Russian underground.”
Russia is considered to be the global leader in for-profit hacking, with Russian cyber crime representing an estimated $2 billion industry in 2014, according to
“Flashpoint has noted an uptick in Chinese-speaking actors operating on international, yet Russian-run, cybercrime forums such as Lampeduza, Crdclub, and Infraud,” the report said.
Chinese cybercriminals also appear to be learning from the example of Russian-based networks and establishing web forums within China, for specific use by Chinese cybercriminals.
“Taking a page from the Russian model, some Chinese cybercriminals have established native Chinese communities or shops of their own,” the report noted.
Though these networks’ users are typically limited to China, they include two sizable online shops dedicated to trading in stolen personal information and facilitating illicit purchases.
The fact that Chinese for-profit hackers are becoming more like Russia’s in their behaviour and practices has some alarming implications. China has a population of over 1.3 billion, some 649 million of whom are web users — making for a sizable pool of current and future cybercriminals. As it is, China is already one of the world’s most prolific and dangerous hacking nations.
At the same time, Russian dark web networks are a partial reflection of the country’s existing criminal culture, which exists in a context of widespread official corruption and close ties between organised crime and the state. The environment for enterprising cyber criminals isn’t quite as friendly in China, a more thoroughly oppressive state with strict web controls and a leader in President Xi Jinping, who’s made a far-reaching anti-corruption push one of his top priorities.
Xi also made a point of meeting with Silicon Valley tech-industry leaders during a September 2015 trip to the US, a sign of how highly Beijing values some of its business relationships in the US. Giving a free reign to cybercriminals — as Russia arguably has — would go against a number of Xi’s apparent priorities.
As the Flashpoint report said: “So-called ‘internet purification operations’ conducted by the Chinese authorities … will limit the growth of native sites.”