跳到主体内容

Russian-language cybercrime: 95% of incidents are about stealing money

2015年11月19日

Experts working in Kaspersky Lab’s Computer Incidents Investigation Department (CIID) have spent the last three and a half years investigating more than 330 cybersecurity incidents affecting government and private-sector organizations

Experts working in Kaspersky Lab’s Computer Incidents Investigation Department (CIID) have spent the last three and a half years investigating more than 330 cybersecurity incidents affecting government and private-sector organizations.  Their findings reveal that more than 95% of these incidents used malicious software, often successfully, to steal funds. Details of this discovery and other key findings have now been compiled into a Kaspersky Lab report,“The Russian cybercrime underground: How it works.”

The report estimates the damage caused to businesses by Russian-speaking cybercriminals who have been arrested in the last few years. It also includes an overview of products and services offered on the Russian underground market, and explains the structure of a typical Russian cybercrime gang and the main roles of its participants.

The main findings of the report are:

  • Between 2012 and 2015, law enforcement agencies in different countries arrested more than 160 people from Russia and its neighboring countries, all suspected of conducting financial cybercrime around the world.
  • The estimated damage caused by their activity exceeds $790 million dollars. If this is combined with the damage caused by the infamous Carbanak gang (which has not yet been arrested), the amount of stolen money would be more than $1.7 billon dollars.
  •  More than $500 million of this was stolen from countries that were not formerly part of the USSR.
  • Kaspersky Lab experts estimate that during the last three and a half years, nearly 1,000 people from Russia and neighboring countries were involved in cybercriminal activity. Evidence suggests that there are fewer than 20 gang “leaders”, and most of them have yet to be caught.  
  • Currently, Kaspersky Lab is actively investigating five large cybercriminal groups involved in stealing money using malicious software.

All five of these groups are still active, and were discovered by Kaspersky Lab researchers in 2012 and 2013. Each numbers between 10 and 40 people, depending on the group. At least two of the groups are actively targeting organizations in Russia and neighboring countries but also in the USA, Great Britain, Australia, France, Italy and Germany.

ru-cybercrime-s.jpg

“Unlike other local cyber-undergrounds – for example, in Brazil – enterprising Russian-speaking cybercriminals don't just focus on local targets. They are an international problem and we think that the scale of the threat will only continue to grow. With the recent devaluation of the ruble, Russian cybercriminals have a greater incentive to shift their attention away from local targets towards foreign ones where they see an opportunity for greater illicit gains. We expect to see a rise in attacks against organizations located far away from Russia. The only way to fight cybercrime effectively is for law enforcement agencies, IT security experts, and representatives from the financial sector to join forces. Kaspersky Lab's experience tracking and combating the Russian cyber-underground is unparalleled. Our experts detect emerging malicious trends long before they become widespread and we are leveraging this experience to combat the spread of Russian cybercrime worldwide." - said Ruslan Stoyanov, Director of Computer Incidents Investigation Department at Kaspersky Lab.

The full text of the report is available at Securelist.com

Russian-language cybercrime: 95% of incidents are about stealing money

Experts working in Kaspersky Lab’s Computer Incidents Investigation Department (CIID) have spent the last three and a half years investigating more than 330 cybersecurity incidents affecting government and private-sector organizations
Kaspersky logo

关于卡巴斯基

卡巴斯基是一家成立于1997年的全球网络安全和数字隐私公司。卡巴斯基不断将深度威胁情报和安全技术转化成创新的安全解决方案和服务,为全球的企业、关键基础设施、政府和消费者提供安全保护。公司提供全面的安全产品组合,包括领先的端点保护解决方案以及多种针对性的安全解决方案和服务,以及用于应对复杂和不断变化的数字威胁的网络免疫解决方案。全球有超过4亿用户使用卡巴斯基技术保护自己,我们还帮助全球200,000家企业客户保护最重要的东西。要了解更多详情,请访问www.kaspersky.com.cn.

相关文章 企业新闻