Organized Cybercrime: The Big Business Behind Hacks and Attacks

There’s a person behind every cybercrime. That’s easy to lose sight of. After all, cybercrime can feel a little anonymous, like a computer is doing the attacking instead of a person. Yet people are indeed behind these attacks, and over the years they’ve been getting organized—where cybercriminals structure and run their operations in ways that darkly mirror the workings of a real business. 

Funny, the notion of hackers running an illegal business just like a regular business. But there you go. What works, apparently works. So, let’s take a closer look at how organized crime goes about its business—and get a little more insight into how we can protect ourselves in the process. 

A classic notion of the cybercriminal is that of a lone hacker, donning a hoodie in a dimly lit room and chipping away at the networks and devices of a business or household. That does happen, such as in the case of the former engineer accused of. Yet increasingly, attacks are orchestrated efforts.  

More and more of today’s cybercrime is a distributed, international affair that relies on several bad actors to see it through. This takes the form of organized crime groups with ringleaders located in one country and developers in others, further supported by operations, marketing, finance, and call center teams in yet other locations—just like a legitimate business, strange as it seems. 

What does that look like in real life? Consider a practical example: an identity theft ring sets up a series of phony websites to hijack personal information. There’s a lot of work that goes into putting up those websites, so let’s start there and see who could be involved. From there, we can work our way up the chain of cybercrime organizations. For starters: 

  • There are the sites themselves. An individual or team codes the site in their location and then hosts them on servers in other locations, often different countries. 
  • There’s a creative team that designed and wrote the sites in such a way that they look convincing enough to potential victims such that they fall for the scam.  
  • Another team takes on a marketing role, where they’re charged with promoting those phony sites to lure in victims through phony emails, ads, and paid search results designed to look like the real thing. 
  • An analytics team determines which lures are the most effective. From there, they share these findings so that the most effective of the phony emails, ads, and search results get used—they may fine-tune the phony websites for performance as well. 

And that’s just for starters. There’s plenty of activity that follows once victims share their personal info on that phony site, spanning yet more business roles: 

  • A data team harvests the stolen data and packages it up for use, whether by the same cybercrime organization or via sale on a dark web marketplace. 
  • A finance team that handles and launders funds as needed—and then pays out partners, employees, and ringleaders of the organization. Plus, it will cover any operational costs like equipment and services used. 
  • A managerial layer may also exist to keep operations running smoothly, coordinating the efforts of all the teams and offering reports to (ring)leadership. 
  • The ringleaders themselves—the ones who conceived this scam, set it in motion, and reap the big dollars from it. Of note, these people may not be technically minded at all. But they are crooks. 

Stepping back and looking at this example, you can see how there are several distinct skillsets at play here. While small groups of hackers could pull off something similar, the most effective of these scams will have a relatively large staff in place to ensure it runs effectively. This is just one broad example, yet it does serve to remind us that sophisticated cybercrime can have a sophisticated organization behind it. 

Other examples include tech support scams that run their own call support centers, corporate ransomware attacks where scammers hijack the company’s social media accounts and shame them into paying. There are yet more examples of bogus call centers, like the ones that will walk individual victims through the process of paying off a ransomware attack with cryptocurrency. Once again, quite an operation. 

Back to the lone hacker in a hoodie for a moment. They’re still out there. In fact, many of them are enabled by larger cybercrime organizations. This can happen in several ways: 

  • Take the phony website example above. The crooks who stole that information may not use it themselves. They may sell it to other cyber crooks for profit instead.  
  • Additionally, larger organizations will sell their malicious code in kits to non-technical and semi-technical hackers so that those crooks can commit crimes of their own.  
  • Some organized cybercrime organizations will simply hire themselves out as a service, unleashing phony website scams like mentioned above, distributed denial of service attacks that flood internet traffic to a halt, and several other types of crime—for the right price.  

It’s a marketplace out there, where our data acts as a kind of currency that’s traded and sold by operators large and small. 

So yes, there’s a person behind every cybercrime. And then there’s you. Along with all things you can do to stop them. 

Earlier this year, I shared how McAfee now solely focuses on people. Organized cybercrime is just one of the many reasons why. While different devices may come and go in our lives, our data always follows us—the very things cybercriminals are after. It’s people who need protection. By protecting you, your identity, and your privacy, along with your devices, we protect you from threats like these, whether they stem from a small-time crook or an organized crime gang. Even lone hackers in hoodies.  

To me, the solution looks something like this: you’re out there enjoying the internet without having to look over your shoulder. You’re just safe. And living your life.  

So as cybercrime becomes more sophisticated, we’re becoming yet more sophisticated at McAfee. And it’s you entirely with you in mind. Online protection should come naturally and give you the confidence to go about your day—protection that is personalized, intelligent, and easier to use so that it adapts based on what you’re doing and what you need at any given moment. That’s our aim. Ease. Freedom. Particularly in a time when criminals are trying their hardest to make you their business as you go about yours. 

Introducing McAfee+

Identity theft protection and privacy for your digital life

FacebookLinkedInTwitterEmailCopy Link

Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.


More from Internet Security

Back to top