CYBERCRIMINALS LAUNDER UP TO $200 BILLION ANNUALLY RESEARCH REVEALS

Press Releases / CYBERCRIMINALS LAUNDER UP TO $200 BILLION ANNUALLY RESEARCH REVEALS

CYBERCRIMINALS LAUNDER UP TO $200 BILLION ANNUALLY RESEARCH REVEALS

We are following the money to see what happens to the proceeds from cybercrime. This research shows cybercriminals are money laundering through both familiar and unfamiliar channels. Reserve your copy of the full report: Into the Web of Profit

March 18, 2018 –

Starting in April of 2017, we started an independent, academic study into the macro economics of cybercrime and how cybercriminals launder and ‘cash out’ the profits of criminal endeavours. This is just part of the nine-month study we sponsored titled Into the Web of Profit. The full findings will be presented at the RSA Conference in April by Dr. Mike McGuire, Senior Lecturer in Criminology at Surrey University, England.

According to the report, cybercriminal proceeds make up an estimated 8-10 percent of total illegal profits laundered globally; amounting to an estimated $80-$200 billion each year[1]. Other key findings include:

  • Virtual currencies have become the primary tool used by cybercriminals for money laundering
  • Cybercriminals are moving away from Bitcoin to less recognized virtual currencies, like Monero, that provide greater anonymity
  • In-game purchases and currencies are spurring a rise in gaming-related laundering; as China and South Korea become hotspots for gaming-currency laundering
  • Covert data collection found that PayPal and other digital payment systems are employed by cybercriminals to launder money
  • Digital payment systems laundering often involves the use of micro-laundering techniques where multiple, small payments are made so laundering limits aren’t triggered

“We invested in this research to instigate a meaningful conversation about how to disrupt the economic systems and poor security practices that enable cybercrime around the world; frankly because it’s far too easy for them,” commented Gregory Webb, CEO of Bromium. “Today it is easy for hackers to infect machines, steal data, and hold businesses and individuals for ransom or sell stolen IP because enterprise defences are not fit for purpose. It is equally easy for them to wash that money and convert it into cash – and the rise in use of unregulated, virtual currencies is making this even easier. We need to attack the problem in a different way. Law enforcement, the cybersecurity industry and both the public and private sectors need to be vigilant about disrupting cybercrime. Protecting applications that access sensitive data is an absolute requirement. We need a whole new approach to cybersecurity or these figures will continue to increase over time.”

Virtual currency could be the future of laundering – but only if it’s anonymous

Many cybercriminals are using virtual currency to make property purchases which convert illegal proceeds into legitimate cash and assets. Websites such as Bitcoin Real Estate offer everything from penthouse suites and lavish mansions, to 160-acre private islands, all with the option to buy using bitcoins. Unlike cash purchases which are subject to regulation and scrutiny, properties purchased with cryptocurrency are not as closely scrutinised because cryptocurrencies aren’t regulated by any central banks or governments.

The study found that nearly 25 percent of total property sales are predicted to be in cryptocurrency in the next few years. This is concerning financial analysts who worry that allowing swifter, more covert transactions, many with criminal origins, will disrupt global property markets.

However, the report highlights that law enforcement agencies are now monitoring Bitcoin, causing many cybercriminals to look for alternatives. Information on bitcoin transactions can leak during web transactions – typically via web trackers or cookies. This means that connecting transactions to individuals is possible in up to 60 percent of Bitcoin payments.

Researcher and report author Dr. Mike McGuire, Senior Lecturer in Criminology at Surrey University, noted, “It’s no surprise to see cybercriminals using virtual currency for money laundering. The attraction is obvious. It’s digital, so is an easily convertible way of acquiring and transferring cybercrime revenue. Anonymity is also key, with platforms like Monero designed to be truly anonymous, and tumbler services like CoinJoin that can obscure transaction origins. Targeted organizations must do more to protect their customers.”

Laundering through in-game currency and goods is on the rise

The report also indicates that cybercriminals are spending “considerable time” converting stolen income into video game currency or in-game items like gold, which are then converted into bitcoin or other electronic formats. Games such as Minecraft, FIFA, World of Warcraft, Final Fantasy, Star Wars Online and GTA 5 are among the most popular options because they allow covert interactions with other players that allow trade of currency and goods.

Dr. McGuire added, “Gaming currencies and items that can be easily converted and moved across borders offer an attractive prospect to cybercriminals. This trend appears to be particularly prevalent in countries like South Korea and China – with South Korean police arresting a gang transferring $38 million laundered in Korean games, back to China. The advice on how to do this is readily available online and explains how cybercriminals can launder proceeds through both in-game currencies and goods.”

Digital payment systems are used to help hide the money trail

Covert data collection in online forums and interviews with experts and cybercriminals indicate that an estimated 10 percent of cybercriminals are using PayPal to launder money. A further 35 percent use other digital payment systems, including Skrill, Dwoll, Zoom, and mobile payment systems like M-Pesa.

Methods like ‘micro laundering’, where thousands of small electronic payments are made through platforms like PayPal, are increasingly common and more difficult to detect. Another common technique is to use online transactions – via sites like eBay – to facilitate the laundering.

Dr. McGuire concludes, “The growing use of digital payment systems by cybercriminals is creating significant problems for the global financial system. Revenues that previously would have flowed within proven and well-established banking systems and could be traced are now outside of its jurisdiction. Digital payment systems are most effective when combined with other digital resources, like virtual currencies and online banking. This hides the money trail and confuses law enforcement and financial regulators.”

Further findings will be released during the RSA Conference in San Francisco. Dr. McGuire will present the full findings during his speaker speaking slot on April 20th from 09:00-09:45 AM on the Security Mashup track – code MASH-F01.

-End-

Methodology

Into the Web of Profit is a nine-month academic study by Dr. Mike McGuire, Senior Lecturer in Criminology at Surrey University. It draws from first hand interviews with convicted cybercriminals, data from international law enforcement agencies, financial institutions, and covert observations conducted across the Dark Web.

ABOUT BROMIUM, INC.
Bromium protects your brand, data and people using virtualization-based security via application isolation. We convert an enterprise’s largest liability – endpoints – into its best defense. By combining our patented hardware-enforced containerization to deliver application isolation and control, with a distributed Sensor Network to protect across all major threat vectors and attack types, we stop malware in its tracks. Unlike traditional security technologies, Bromium automatically isolates threats and adapts to new attacks using behavioral analysis and instantly shares threat intelligence to eliminate the impact of malware. Bromium offers defense-grade security and counts a rapidly growing set of Fortune 500 companies and government agencies as customers.

Visit Bromium: https://www.bromium.com
Follow Bromium on Twitter: https://twitter.com/bromium
Follow Bromium on LinkedIn: https://www.linkedin.com/company/bromium

 
Media Contacts
 
 
 
 
2018-03-18T16:15:41+00:00March 18th, 2018|

See Bromium in Action

Put an end to malware and attacks once and for all. Request a demo of the Bromium Secure Platform to learn how Bromium uses virtualization-based security to isolate applications and stop threats. Complete the form to request a demo.

Thank you! The information has been submitted successfully.
Share
Tweet
Share

By continuing to use the site, you agree to the use of cookies. More information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close