Is this the key to combating cybercrime? Image: Getty Images/iStockphoto
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:
- In August 2023, the UN reported that at least 220,000 people had been trafficked in Southeast Asia and been forced to run online scams.
- These victims of cyber-slavery mainly came from Myanmar and Cambodia but others had been lured in from as far away as Africa and Latin America.
- The World Economic Forum's Partnership Against Cybercrime members launched the Cybercrime Atlas initiative to better understand the cybercriminal ecosystem.
In August 2023, the UN reported that at least 220,000 people had been trafficked in Southeast Asia and been forced to run online scams. Criminals are taking advantage of the poor job opportunities available to young graduates and professionals in many countries. The criminals convince people to travel abroad with promises of high-quality work and then threaten them and physically coerce them into working as online fraudsters. They are forced to work on online scam farms run by cybercriminals in Southeast Asia.
These victims of cyber-slavery mainly came from Myanmar and Cambodia but others had been lured in from as far away as Africa and Latin America. The victims of their scams, similarly, were based across the world.
Cyber-enabled fraud and extortion is bad enough but we’re seeing an increasing number of criminal cyber-attacks that have physical consequences. Whether it’s the double victimisation that happens when victims of human trafficking in one country are chained to laptops and forced to defraud citizens in another, or the consequences of a ransomware attack on a hospital, the changing shape of the cybercriminal market has made it easier for traditional organised crime to expand their reach from the online world into our real lives.
Why is cybercrime growing?
Cybercrime has expanded for the same reasons that drove the mega growth of legal online businesses. The internet allows criminals to operate seamlessly across borders, accessing a marketplace of victims anywhere, anytime and at scale. The internet also helps criminals to conceal their own identity, location and size.
At the same time, criminals copy what they see in the legal markets. Think about the advent of subscription model ‘software-as-a-service’ offerings that give businesses access to user-friendly products ranging from video calls to project management and customer service tools. Equally, criminals have their own ‘cybercrime-as-a-service’ where experienced cybercriminals sell accessible tools and knowledge to help others carry out cybercrimes. This brings more criminals into the cybercrime market by lowering the cost and level of skill needed to be an effective online fraudster and deliver ransomware attacks that can bankrupt businesses and destroy livelihoods.
Why is cybercrime difficult to counter?
The difficulty in countering cybercrime isn’t just its growth rate. Cybercrime is almost always a cross-border event, with criminals targeting victims in foreign countries to reduce the risk of arrest.
Cross-border attacks make cybercrime difficult for law enforcement to deal with, constrained as they are by national boundaries. Adding to the problem, many countries are only at the start of building their police force’s capacity to counter cybercrime.
“Cyber criminals have the battlefield advantage: it's easier to attack than to defend, as defending requires more effort and resources. Therefore, the public and private sectors must act together to develop collective cyber threat intelligence and detection sharing, security and technology and coordinated incident response mechanisms. By joining forces and creating concrete channels for collaboration, we can make a decisive shift in the fight against cybercrime."”
Companies can act across borders and many of them have significant expertise in cybersecurity and investigations. The enormous volumes of data created by the internet, however, make it difficult for many companies to separate malicious activity from the noise of big data.
As a rule, organizations normally work within their own corporate boundaries. So any one part of the private sector lacks systemic knowledge and insight into the wider activities of the criminals that prey on them. If we can’t see the full extent of cybercriminal activities then this makes it difficult to counteract them.
What can be done to combat cybercrime?
Cybercriminals increasingly operate in loosely networked chains of service providers, developers, intermediaries, financiers and end users. After all, it is difficult to be an expert in everything from coding to money-laundering. As cybercrime becomes interesting to larger numbers of criminals, it is rare for a single group to conduct an entire operation independently of an entire supply-chain of third-party tools, experts, services and infrastructure.
These networks of criminal end-users and cybercrime service providers create dark efficiencies that make our connected world less predictable and more hostile. But they also open opportunities for cyber-defenders. Just like any business with a complex supply-chain, small disruptions at the right point in the criminal network have the potential to be highly disruptive.
The most effective way to fight cybercrime is to come together. Each sector, business and organization has different insights into the threat ecosystem, skillsets to disrupt malicious infrastructure and abilities to hold criminals accountable. We must continue to harness these strengths, and that is exactly what the Cybercrime Atlas does.””
The Cybercrime Atlas
To squeeze the space in which cybercriminals operate we need to understand the criminal habitat and the way in which the criminal ecosystem creates dependencies across different types of activity. We quite literally need to map things out.
In an effort to improve the understanding and ability to analyze the cybercrime landscape, the World Economic Forum's Partnership Against Cybercrime members launched the Cybercrime Atlas initiative to better understand the cybercriminal ecosystem in January 2023.
The World Economic Forum is hosting the secretariat for the project, supported by Fortinet, Microsoft, Paypal and Banco Santander. Other organizations will also support the initiative through in-kind donations of time, expertise and capabilities.
Derek Manky, Chief Security Strategist and Global Vice President of Threat Intelligence at Fortinet’s FortiGuard Labs sums up the thinking behind the Cybercrime Atlas: "Disrupting global cybercriminal organizations requires a global effort with strong, trusted relationships and collaboration across public and private organizations and industries. Broad international collaborations that are based on trust emphasize the two-way exchange of expertise and information and hands-on projects are crucial for influencing change and behaviour.
"It’s key to concentrate on surrounding cybercrime actors, identifying holistic and coordinated disruption opportunities at as many locations in their ecosystem as possible. The Cybercrime Atlas initiative is about driving real impact and is a coordinated effort to create a chain of disruption in the world of cybercrime, enabling the entire cybersecurity community to become more resilient and effective at stopping cybercrime on a global scale.”
Mapping the cybercrime ecosystem
At its heart, the Cybercrime Atlas initiative is a database about cybercrime. The word ‘database’ rarely has the power to make hearts beat faster, but the insights that might be drawn by correlating and combining information could support the steady erosion of cybercriminal capabilities and the collaboration that is built on it could be the groundwork for actions with a more seismic impact.
To support collaboration between members, the Atlas is focusing on building a shared knowledge base, beginning with open-source research and publicly available materials — anything the analysts can identify that might be relevant to understanding the entirety of the criminal ecosystem.
Operating collaboratively, the Cybercrime Atlas community can then use this to understand and disrupt the cybercriminal ecosystem and mitigate the negative impact of attacks. In this vision, the Cybercrime Atlas will become a source of pooled knowledge for understanding cybercriminal group operations over time, such as criminal tactics, techniques and processes, threat actor infrastructures, money-laundering systems and the identities of criminals.
The Cybercrime Atlas project exemplifies how working together can yield great results. Providing visibility is a critical first step in efforts to help disrupt cybercriminal ecosystems and infrastructure. Enhanced visibility will assist in more successful cybercrime investigations, takedowns, prosecutions and convictions. It will also provide an opportunity to strategically identify and target vulnerabilities in the criminal ecosystem.
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
The views expressed in this article are those of the author alone and not the World Economic Forum.
More on CybersecuritySee all
February 22, 2024
February 21, 2024
February 21, 2024
February 19, 2024
February 15, 2024
February 15, 2024