The State of Cybercrime In 2013, cybercriminals hacked into databases at RAKBANK in the UAE and Bank of Muscat in Oman.97 The thieves stole prepaid debit card information and distributed it to a worldwide network of “cashers” that encoded the information on fraudulent cards. The network of criminals then distributed PIN numbers and stole $45 million in two days by withdrawing money from 3,000+ ATMs in 26 countries. The Department of Justice arrested seven of the eight members of the criminal cell in the United States. One defendant fled to the Dominican Republic and became deceased after a dispute about how to distribute the illgotten funds. The following is part of the indictment: The eight indicted defendants and their co-conspirators targeted New York City and withdrew approximately $2.8 million in a matter of hours. The defendants are charged variously with conspiracy to commit access device fraud, money laundering conspiracy, and money laundering. Seven of the eight defendants have been arrested on the charges in the indictment: the arrested defendants are Jael Mejia Collado, Joan Luis Minier Lara, Evan Jose Peña, Jose Familia Reyes, Elvis Rafael Rodriguez, Emir Yasser Yeje, and Chung Yu-Holguin, all residents of Yonkers, New York.98 This case illustrates the direct connection between cybercrime and the impact on businesses. The Computer Security Institute’s (CSI) Computer Crime and Security Survey provides a broad view of the types of cybercrimes that are affecting organizations. The following are the key findings from their 15th annual report.99
1. Malware infection continued to be the most commonly seen attack, with 67.1 percent of respondents reporting it.
2. Respondents reported markedly fewer financial fraud incidents than in previous years, with only 8.7 percent saying they’d seen this type of incident during the covered period.
3. Of the approximately half of respondents who experienced at least one security incident last year, fully 45.6 percent of them reported they’d been the subject of at least one targeted attack.
4. Fewer respondents than ever are willing to share specific information about dollar losses they incurred. Given this result, the report this year does not share specific dollar figures concerning average losses per respondent. It would appear, however, that average losses are very likely down from prior years.
5. Respondents said that regulatory compliance efforts have had a positive effect on their security programs.
6. By and large, respondents did not believe that the activities of malicious insiders accounted for much of their losses due to cybercrime. 59.1 percent believe that no such losses were due to malicious insiders. Only 39.5 percent could say that none of their losses were due to non-malicious insider actions.
7. Slightly over half (51.1 percent) of the group said that their organizations do not use cloud computing. Ten percent, however, say their organizations not only use cloud computing, but have deployed cloud-specific security tools.
Case Discussion Questions
1. How could the banks mentioned in this case have mitigated or prevented the thefts?
2. Identify the intangible impact (on reputation, image, etc.) of such thefts on the banks.
3. Why would this type of distributed bank theft be faster and incur larger losses than a traditional strong-arm bank robbery?
4. Why are many organizations reluctant to use cloud computing?
5. Why are organizations hesitant to report losses related to cybercrime?
6. Why are malicious insiders a focus of security experts?
