Kaspersky Lab, the official sponsor of Scuderia Ferrari, is pleased to congratulate the team on its success at the Formula One Grand Prix of Malaysia.
Experts working in Kaspersky Lab’s Computer Incidents Investigation Department (CIID) have spent the last three and a half years investigating more than 330 cybersecurity incidents affecting government and private-sector organizations. Their findings reveal that more than 95% of these incidents used malicious software, often successfully, to steal funds. Details of this discovery and other key findings have now been compiled into a Kaspersky Lab report, “The Russian cybercrime underground: How it works.”
The report estimates the damage caused to businesses by Russian-speaking cybercriminals who have been arrested in the last few years. It also includes an overview of products and services offered on the Russian underground market, and explains the structure of a typical Russian cybercrime gang and the main roles of its participants.
The main findings of the report are:
- Between 2012 and 2015, law enforcement agencies in different countries arrested more than 160 people from Russia and its neighboring countries, all suspected of conducting financial cybercrime around the world.
- The estimated damage caused by their activity exceeds $790 million dollars. If this is combined with the damage caused by the infamous Carbanak gang (which has not yet been arrested), the amount of stolen money would be more than $1.7 billon dollars.
- More than $500 million of this was stolen from countries that were not formerly part of the USSR.
- Kaspersky Lab experts estimate that during the last three and a half years, nearly 1,000 people from Russia and neighboring countries were involved in cybercriminal activity. Evidence suggests that there are fewer than 20 gang “leaders”, and most of them have yet to be caught.
- Currently, Kaspersky Lab is actively investigating five large cybercriminal groups involved in stealing money using malicious software.
All five of these groups are still active, and were discovered by Kaspersky Lab researchers in 2012 and 2013. Each numbers between 10 and 40 people, depending on the group. At least two of the groups are actively targeting organizations in Russia and neighboring countries but also in the USA, Great Britain, Australia, France, Italy and Germany.
“Unlike other local cyber-undergrounds – for example, in Brazil – enterprising Russian-speaking cybercriminals don't just focus on local targets. They are an international problem and we think that the scale of the threat will only continue to grow. With the recent devaluation of the ruble, Russian cybercriminals have a greater incentive to shift their attention away from local targets towards foreign ones where they see an opportunity for greater illicit gains. We expect to see a rise in attacks against organizations located far away from Russia. The only way to fight cybercrime effectively is for law enforcement agencies, IT security experts, and representatives from the financial sector to join forces. Kaspersky Lab's experience tracking and combating the Russian cyber-underground is unparalleled. Our experts detect emerging malicious trends long before they become widespread and we are leveraging this experience to combat the spread of Russian cybercrime worldwide." - said Ruslan Stoyanov, Director of Computer Incidents Investigation Department at Kaspersky Lab.
The full text of the report is available at Securelist.com
Articles related to Virus News
Kaspersky Lab security researchers have discovered a vulnerability in the kernel of Darwin – an open-source component of both the OS X and iOS operating systems.
Kaspersky Lab joins forces with INTERPOL, Industry and Law Enforcement Partners to Disrupt Simda Botnet
In a global operation coordinated by the INTERPOL Global Complex for Innovation in Singapore, a group of leading IT companies including Kaspersky Lab, Microsoft, Trend Micro and Japan’s Cyber Defense Institute, in collaboration with law enforcement agencies, have disrupted the Simda criminal botnet – a network of thousands of infected PCs around the world