Abstract
This article considers how information and communications technologies (ICT) can be used by organised crime groups to infringe legal and regulatory controls. Three categories of groups are identified: traditional organised criminal groups which make use of ICT to enhance their terrestrial criminal activities; organised cybercriminal groups which operate exclusively online; and organised groups of ideologically and politically motivated individuals who make use of ICT to facilitate their criminal conduct. The activities of each group are then assessed in relation to five areas of risk: the use of online payment systems, online auctions, online gaming, social networking sites and blogs. It is concluded that the distinction between traditional organised crime groups and the other two groups—cybercriminal groups and ideologically/politically motivated cyber groups—is converging, with financially-motivated attacks becoming more targeted. Legislation will need to adapt to deal with new technological developments and threats that organised criminals seek to exploit.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
Such incidents can be perpetrated by both groups (as defined under Article 2 of the UN Convention on Transnational Organized Crime) or by one or more individuals as illustrated in this example.
In Australia, money laundering transactions are estimated to be between AUD$2 billion (Institute of Chartered Accountants 2006) and AUD$4.5 billion per year (AGD n/a). The IMF has further suggested that money laundering transactions are equal to approximately two to five percent of the global gross domestic product (GDP).
References
Ahmad, R. (2007). Slashing through the Web of terror. Todayonline 3 March.
Ames, B. (2007). Online spending tops US$100 billion. Computerworld.com.au 05 January.
AusCERT (2006). Computer crime and security survey. http://www.auscert.org.au/images/ACCSS2006.pdf.
Australia Attorney-General’s Department (AGD) n/a. Why are anti-money laundering and counter-terrorism financing reforms required?. Fact sheet. http://www.ag.gov.au/www/agd/agd.nsf/Page/Anti-moneylaundering_Factsheets.
Australian Institute of Criminology (AIC) (2007). New methods of transferring value electronically. High tech crime brief 14. http://www.aic.gov.au/publications/htcb/htcb014.html.
Australian Payments Clearing Association (APCA) (2005). Annual report 2005. http://www.apca.com.au/Public/apca01_live.nsf/WebPageDisplay/PUB_AnnualReport.
Bahrawi, N. (2007a). One abdul basheer is one too many. Todayonline 11 June.
Bahrawi, N. (2007b). The new face of extremism: Young, Internet-savvy and easily duped. Todayonline 26 March.
Bandura, A. (1999). Social cognitive theory of personality. Asian Journal of Social Psychology, 2(1), 21–41.
BlackHat (2003). BlackHat briefings. http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-hackercourt.pdf.
Brenner, S. W. (2002). Organized cybercrime? How cyberspace may affect the structure of criminal relationships. North Carolina Journal of Law & Technology, 4(1), 1–50.
Canadian Security Intelligence Service (2000). Transnational criminal activity: A global context. http://www.csis-scrs.gc.ca/en/publications/perspectives/200007.asp?print_view=1.
Charlton, J. (2005). Al Qaeda buys cyber criminal expertise. Computer Fraud & Security, 2005(3), 2.
Chau, M., & Xu, J. (2007). Mining communities and their relationships in blogs: A study of online hate groups. International Journal of Human-computer Studies, 65(1), 57–70.
Chen, Y. -C., Chen, P., Song, R., & Korba, L. (2004). Online gaming crime and security issue: Cases and countermeasures from Taiwan. Paper to Second Annual Conference on Privacy, Security and Trust, University of New Brunswick, October 2004.
China tops 20m bloggers (2007). Australian IT 12 January.
Choo, K. K. R., Smith, R. G., & McCusker, R. (2007). Future directions in technology-enabled crime: 2007–09. Research and public policy series no 77. Australian Institute of Criminology.
Curry, A., & McGrane, S. (2006). China’s cyberwarriors. Foreign policy September/October issue: 93.
Duffy, R. (2006). Global governance, criminalisation and environmental change. Global crime, 7(1), 25–42.
Fell, M. (2007). Crime in the virtual world 2007. ABC.net.au 11 May.
FBI warns of Eastern European hacker groups (2001). OUT-Law.com 9 March.
Fortinet (2007). Malicious code appears on Blogger.com. http://www.fortiguardcenter.com/advisory/FGA-2007-04.html.
Frith, M. (2007). Student ‘in bank fraud plot’. The sun-herald 17 June.
Gantz, J. F., Reinsel, D., Chute, C., Schlichting, W., McArthur, J., Minton, S., et al. (2007). The expanding digital universe. IDC white paper March.
Great Britain. Crown Prosecution Service (GB CPS) (2006). Convictions for internet rape plan. Media release 1 December.
Harding, T. (2007). Terrorists ‘use Google maps to hit UK troops’. Telegraph.co.uk 13 January.
Heydt-Benjamin, T. S., Bailey, D., Fu, K., Juels, A., & O’Hare, T. (2007). Vulnerabilities in first-generation RFID-enabled credit cards, in Proceedings of Financial Cryptography and Data Security 2007 Lecture notes in computer science (forthcoming). http://www.cs.umass.edu/~tshb/FC07-heydt-benjamin.pdf.
How to fight hate websites? (2007). The electric new paper 21 June.
Inside the Yamaguchi-gumi: Ex-gangster’s life a history of Japan’s postwar underworld (2006). MSN-Mainichi daily news 24 May.
Institute of Chartered Accountants (2006). Money laundering worth up to 5% of global GDP. News release 26 May.
Institute of Defence and Strategic Studies (IDSS) 2006. Proceedings of the International conference on Terrorism in Southeast Asia: The threat and response. http://www.rsis.edu.sg/.
Interview: Eugene Kaspersky (2007). Infosecurity May/June issue.
Iraqi cartoon manuals show how to torture (2007). The electric new paper 29 May.
Jagatic, T., Johnson, N., Jakobsson, M., & Menczer, F. (2007). Social phishing. Communications of the ACM (forthcoming). http://www.indiana.edu/~phishing/social-network-experiment/phishing-preprint.pdf.
Jakobsson, M., & Stamm, S. (2006). Invasive browser sniffing and countermeasures, in Proceedings of the 15 th international Conference on World Wide Web, Edinburgh, 2006: http://www2006.org/programme/item.php?id=3527.
Jaques, R. (2006). European police nab zombie hackers. Vnunet.com 27 Jun.
Jen, W. Y., Chang, W., & Chou, S. (2006). Cybercrime in Taiwan: An analysis of suspect records. Paper to Workshop on Intelligence and Security.
Johnston, C. (2007). Brave new world or virtual pedophile paradise? Second Life falls foul of law. The.age.com.au 10 May.
Keizer, G. (2007). Microsoft owns up to Xbox Live pretexting. Computerworld.com 25 March.
Kirk, J. (2007a). Estonia recovers from massive denial-of-service attack. InfoWorld 17 May.
Kirk, J. (2007b). Hackers build private IM to keep out the law. Computerworld.com 28 March.
Kirk, J. (2007c). Symantec: Chinese hackers grow in number, skills. Infoworld.com 18 May.
Kornakov, K. (2006). Cyberfraudsters detained in Spain. Viruslist.com 18 September.
Kshetri, N. (2005). Hacking the odds. Foreign Policy, 148, 93.
Kshetri, N. (2006). The simple economics of cybercrimes. IEEE Security & Privacy, 4(1), 33–39.
Lal, R. (2005). South Asian organized crime and terrorist networks. Orbis, 49(2), 293–304.
Libbenga, J. & Leyden, J. (2007). Dutch botnet duo sentenced. The register 1 February.
Lyman, P., & Varian, H. R. (2003). How much information 2003?. http://www.sims.berkeley.edu/how-much-info-2003.
McAfee (2005). McAfee virtual criminology report 2005. Santa Clara CA: McAfee.
McAfee (2006). Virtual criminology report: Organised crime and the internet. Santa Clara CA: McAfee.
McCusker, R. (2006). Organised crime and terrorism: Convergence or separation? Standing group organised crime eNewsletter 12 May.
Moore, T. & Clayton, R. (2007). An empirical analysis of the current state of phishing attack and defence, in Proceedings of the Sixth Workshop on the Economics of Information Security, Pittsburgh, 2007.
National White Collar Crime Center and Federal Bureau of Investigation (NW3C/FBI) (2007). 2006 Internet Fraud Crime Report. http://www.ic3.gov/media/annualreport/2005_IC3Report.pdf.
New worry: Homemade extremists (2007). Todayonline 2 June. http://www.todayonline.com/articles/191998.asp.
‘Nigerian scam’ conmen caught in KL (2007). The electric new paper 2 June.
Office of the United States Trade Representative (2007). 2007 Special 301 report. http://www.ustr.gov/assets/Document_Library/Reports_Publications/2007/2007_Special_301_Review/asset_upload_file980_11122.pdf.
Online porn merchants dodge internet dragnet (2007). AsiaOne 5 June.
Organisation for Economic Co-operation and Development (OECD) (2007). The economic impact of counterfeiting and piracy. http://www.oecd.org/dataoecd/11/38/38704571.pdf.
Palmers, C. (2007). Policing a virtual world. Anti-money laundering magazine, 7, 25–27.
PandaLabs (2007). Cybercrime... for sale (II). http://blogs.pandasoftware.com/blogs/pandalabs/archive/2007/05/03/Cybercrime_2E002E002E00_-for-sale-_2800_II_2900_.aspx.
Pereira, J. (2007). How credit-card data went out wireless door. The wall street journal 4 May.
Police break phone sex hacking ring (2006). Donga.com 10 November.
PricewaterhouseCoopers (PwC) (2006). DTI information security breaches survey 2006. http://www.pwc.com/extweb/pwcpublications.nsf/docid/7FA80D2B30A116D7802570B9005C3D16.
Raid of a major pirate packaging facility in Guangzhou (2007). Enforcement bulletin issue 33, 5.
Rao, S. (2007). Net hacker avoids jail. Daily telegraph 8 June.
Rodriguez, A. (2007). Attacks on Estonia move to new front. Chicago tribune 29 May.
Russia arrests ‘grandfather of cybercrime’ (2001). BBC news 26 May.
ScanSafe (2007). Global threat report. 18 April.
Schrank, P. (2007). Newly nasty. The economist 24 May.
Singapore Inter-Ministry Committee on Youth Crime (IMCYC) (2005). Game over. The Straits Times article 11 February.
Singapore Commercial Affairs Department (2006a). Annual report: Beyond excellence service with assurance. http://www.cad.gov.sg/topNav/pub/Annual+Reports.htm.
Singapore Commercial Affairs Department (2006b). Money mules. http://www.cad.gov.sg/topNav/hom/.
Singapore Commercial Affairs Department (2007). Case of 6-members credit card skimming syndicate. Media release 21 May.
Sophos (2006). Hackers may get second chance to benefit from Second Life security breach. Press release 11 September.
Supian, H. (2007). Minding the virtual buzz. Todayonline 29 May.
Swartz, J., & Acohid, B. (2007). Data theft arrests show how tens of millions are at risk. USA today 12 June.
Symantec (2007a). Symantec internet security threat report vol. XI. www.symantec.com/threatreport.
Symantec (2007b). Italy under attack: Mpack gang strikes again!. 15 June. http://www.symantec.com/enterprise/security_response/weblog/2007/06/italy_under_attack_mpack_gang.html.
Symantec (2007c). Symantec internet security threat report vol. XI March. http://www.symantec.com/threatreport.
Terdiman, D. (2006). IRS taxation of online game virtual assets inevitable. CNet.com 3 December.
Tigers have joined jihadi drug trade, says official (2007). Todayonline 11 June. http://www.todayonline.com/articles/193618.asp.
United Kingdom Child Exploitation and Online Protection (UK CEOP) (2007). Global online child abuse network smashed - CEOP lead international operation into UK based paedophile ring. Media release 18 June.
United States Department of Justice (US DoJ) (2004). Nineteen individuals indicted in internet carding conspiracy. Media release 28 August. http://www.usdoj.gov/opa/pr/2004/October/04_crm_726.htm.
United States Department of Justice (US DoJ) (2005). Six defendants plead guilty in internet identity theft and credit card fraud conspiracy. Media release 17 November. http://www.cybercrime.gov/mantovaniPlea.htm.
United States Department of Justice (US DoJ) (2006a). 21 charged with participating locally in alleged international internet-based fraud scheme. Media release 12 December.
United States Department of Justice (US DoJ) (2006b). ‘Botherder’ dealt record prison sentence for selling and spreading malicious computer code. Media release 8 May.
United States Department of Justice (US DoJ) (2007a). Four defendants arraigned in half-million dollar eBay fraud scheme. Media release 16 February.
United States. Department of Justice (US DoJ) (2007b). Four Russians indicted in identity theft and fraud ring. Media release 1 March.
United States Department of Justice (US DoJ) (2007c). Digital currency business e-gold indicted for money laundering and illegal money transmitting. Media release 27 April.
United States Department of Justice (US DoJ) (2007d). Software piracy ringleader extradited from Australia. Media release 20 February.
United States Department of Justice (US DoJ) (2007e). Extradited software piracy ringleader pleads guilty. Media release 20 April.
United States. Department of Justice (US DoJ) (2007f). Former member of the US navy indicted on terrorism and espionage charges. Media release 31 March.
United States. Department of Justice (US DoJ) (2007g). Brooklyn man pleads guilty to participating in massive AOL spam scheme. Media release 11 June.
United States. Department of Justice (US DoJ) (2007h). Bulgarian woman arrested and charged with conspiracy and money laundering. Media release 26 March.
United States Federal Bureau of Investigation (US FBI) (2007).Cracking the code: Online IP theft is not a game. Media release 1 February.
United States Florida Department of Law Enforcement (US FDLE) (2007). Arrests made in gift card fraud case totaling more than $8 million in losses. News release 19 March.
United States Immigration and Customs Enforcement (US ICE) (2005). ICE arrests 9 in Ohio fraud driver’s license scheme. News release 24 February.
United States National Drug Intelligence Center (US NDIC) (2006). National drug threat assessment 2007: Drug money laundering. http://www.usdoj.gov/ndic/pubs21/21137/index.htm.
United States National Science and Technology Council (US NSTC) 2006. Federal plan for cyber security and information assurance research and development: Report by the Inter-agency Working Group on Cyber-security and Information Assurance. http://www.ostp.gov/nstc/html/Cyber%20Security%20and%20Information%20Assurance%20Report%20April%202006.pdf.
United States Secret Service (USSS) (2004). U.S. secret service’s operation firewall nets 28 arrests. Press release 28 October.
van Rassel, J. (2007). ATM skimmers seized in raid. Calgary herald 31 May.
Vidino, L. (2007). The hofstad group: The new face of terrorist networks in Europe. Studies in Conflict & Terrorism, 30, 579–592.
Ward, M. (2006). Anti-cartoon protests go online. BBC.co.uk 8 February.
Web video game aim: ‘Kill’ Bush characters (2006). CNN.com 18 September.
Websense Security Labs (2006). Malicious website / malicious code: Fradulent You Tube video on MySpace installing Zango Cash. Media release 06 November.
Wee, E. (2007). Global diy terror: No cell, no hardship. The electric new paper 10 June.
Weimann, G. (2006). Virtual disputes: The use of the internet for terrorist debates. Studies in conflict & terrorism, 29(7), 623–639.
World internet vusage and population statistics (2007). http://www.internetworldstats.com/stats.htm.
Zhu, L. (2006). China nabs 44 suspects in biggest internet virtual property swindle. Xinhuanet.com 15 December.
Acknowledgements
The authors wish to thank Rob McCusker (AIC), Janet Smith (AIC), Professor Peter Grabosky (ANU) and the anonymous referees for their feedback on earlier drafts of this article. Despite their invaluable assistance, any errors remaining are solely attributed to the authors.
Author information
Authors and Affiliations
Corresponding author
Additional information
This research paper does not necessarily reflect the policy position of the Australian Government or the Australian Institute of Criminology (AIC).
Rights and permissions
About this article
Cite this article
Choo, KK.R., Smith, R.G. Criminal Exploitation of Online Systems by Organised Crime Groups. Asian Criminology 3, 37–59 (2008). https://doi.org/10.1007/s11417-007-9035-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11417-007-9035-y