Is the Mafia Taking Over Cybercrime?

The involvement of organized crime in cybercrime is not as prevalent as commonly believed, and cybercriminals often seek protection from law enforcement agents and politicians. Addressing cybercrime requires a multi-faceted approach that includes initiatives to provide startup capital, hiring from affected regions, and addressing corruption.

• Organized crime's involvement in cybercrime is not as prevalent as commonly believed
• Cybercriminals often seek protection from law enforcement agents and politicians
• Addressing cybercrime requires a multi-faceted approach that includes initiatives to provide startup capital, hiring from affected regions, and addressing corruption

Many cybercriminals are actually entrepreneurs and programmers who lack the capital to start legitimate businesses. They turn to cybercrime as a quick way to make money. Additionally, some cybercriminals are also legitimate programmers who work in the criminal industry instead of the legitimate one.

Claims abound that the Mafia is not only getting involved in cybercrime, but taking a leading role in the enterprise. One can find such arguments regularly in media articles, on blogs, and in discussions with members of the information security industry. In some sense it has become a mainstream position. But, what evidence actually exists to support such claims?Drawing on a seven year University of Oxford study into the organisation of cybercrime, this talk evaluates whether the Mafia is in fact taking over cybercrime, or whether the structure of the cybercriminal underground is something new. It brings serious empirical rigor to a question where such evidence is often lacking. This analysis is based on almost 250 interviews with law enforcement, the private sector and former cybercriminals. These were carried out in some 20 countries, including fieldwork in purported cybercrime "hotspots" like Russia, Ukraine, Romania, Nigeria, Brazil, and China.This talk broadly addresses the range of connections between Mafias, organised crime, and cybercrime. But, it focuses this discussion on the so-called "Russian Mafia" as this is the specific boogieman that many claims mention and some of the most sophisticated cybercrime actors are based in the former Soviet Bloc. As part of this discussion, a more informed understanding will be developed around: what a Mafia is, the evolution of the Russian Mafia, and known cases where organised criminals have been directly involved in cybercrime.In determining whether cybercrime is best conceptualised and tackled through an organised crime prism or not, this talk should be of relevance to a range of members of the cybersecurity community, including policymakers, law enforcement and the private sector. It is an exclusive presentation of book material to be published in the Fall by Harvard University Press.