However, cybercrime is a constant threat. At the end of March, the FBI’s Internet Crime Complaint Center released its annual report on cybercrime reports received in 2021. The group received 847,376 complaints, amounting to nearly $7 billion in losses, a 64% increase from 2020. And the report opened by saying that last year, “America experienced an unprecedented increase in cyberattacks and malicious cyber activity.”
However, researchers say that different types of cybercrime should be treated in different ways. For example, the Internet Crime Complaint Center (IC3) said in its 2021 compendium that nearly $2.4 billion in reported losses came from business email compromises and email account compromise scams. And such schemes are less technical and much more decentralized than ransomware attacks and other types of cybercrime.
“When there are relatively few actors driving a significant portion of the overall activity, law enforcement intervention can have a noticeable impact on the overall threat landscape,” said Crane Hassold, director of threat intelligence at Abnormal Security and a former digital behavior analyst for the FBI. “But BEC is highly decentralized; there are literally thousands of actors who are very loosely connected – there is no head of a snake.”
Even when it comes to centralized criminal infrastructure like dark web marketplaces, malware families, and botnets, Hydra’s name is apt. Law enforcement will carry out takedowns and even arrests, only to find new iterations of the same services emerging later, using recovered infrastructure and run by the actors who escaped. As Microsoft said in an announcement about ZLoader’s takedown, “Our outage is intended to disable ZLoader’s infrastructure and make it more difficult for this organized crime gang to continue its operations. We expect the defendants to make efforts to revive Zloader’s operations.”
However, Recorded Future’s Liska stresses that this relentless pace should not distract from the gains defenders are making.
“Yes, the bad guys are able to create new things. But we’re much better at knocking these new things down,” he says.
These advances are mostly focused on types of cybercrime that rely on cryptocurrency to enable massive transfers of value, such as ransomware and digital extortion. Hassold adds, however, that BEC fraudsters use entirely separate networks of money mules and wire transfer schemes to steal traditional fiat currency.
“It’s just going to have to be approached in a completely different way,” he says. “You can’t even arrest dozens or hundreds of these guys or take care of the lead actors because there are no lead actors.”
Even as law enforcement agencies make real progress in honing their ability to mount some types of enforcement action, there’s a larger conceptual problem if your local arcade keeps adding more and more Whac-A-Mole machines all around you.