|SocialismToday Socialist Party magazine|
Issue 165 February 2013
Cybercrime’s tangled web
DarkMarket: How Hackers Became the New Mafia
By Misha Glenny
Published by Vintage books (2012), £8.99
Reviewed by Iain Dalton
AFTER WRITING about the new era of organised crime in McMafia (reviewed in The Socialist, No.549, 24 September 2008), Misha Glenny is back to concentrate on just one aspect: cybercrime. The increasing use of computer and communications technology in most people’s everyday lives and the widespread use of the internet for work and consumption have created novel forms of fraud and identity theft.
Glenny points out that, at the Bell Telephone Company, out of 25 billion e-mails received every day, 24 billion are spam! In 2009, US president Barack Obama announced that cybercrime and industrial malfeasance cost the world $1 trillion each year, 1.5% of global GDP. Glenny writes in his introduction: "If it wasn’t so lucrative, fraudsters would not make the effort in the first place".
DarkMarket reads mostly like a ‘true crime’ thriller, telling the story of various websites devoted to cybercrime, with the book taking its title from the most important one. Such websites were used by those engaged in cybercrime to discuss with each other, exchange services, and buy hardware or software that they personally did not have the skill to create themselves. DarkMarket was infiltrated by the FBI, and interviews with investigators from a number of law enforcement bodies led to the arrest of those behind it
Glenny does not do this merely to sensationalise the issue, but to try and get to the roots of the motivation of those involved, on both sides of the law. One thing that comes through is that, for the most part, cyber criminals are not scheming villains, but people from a poor background whose circumstances have led them to become more and more deeply entangled in it. ‘Matrix001’, for example, started cracking computer games because his parents could not afford to buy them. ‘Theeeel’ started ‘carding’ to help pay for university. Carding involves stealing the electronic data on a credit card, creating a clone and then using it to get cash out at ATMs.
The globalisation of the world economy has also had an impact, particularly in the banking sector with the development of electronic banking. Glenny explains: "Banks like to keep the extent of fraud quiet partly for competitive reasons and partly because they do not want their customers to demand a return to the old ways. Electronic banking saves them huge sums of money because the customer is carrying out tasks that were once the preserves of branches and their staff. If we were all to refuse to manage our finances via the internet, banks would be compelled to reinvent the extensive network of branches through which they used to serve us. That would cost an awful lot of money and, as we now know, the banks have spent everything they have, along with hundreds of billions of taxpayers’ cash, underwriting egregious speculative ventures and their obscenely inflated bonus payments".
He goes on: "Personal credit-card debt in the four biggest users of plastic – the US, the UK, Japan and Canada – started rising manically in the mid-1990s. In the space of ten years from 1997, the numbers of cards in circulation worldwide rose from just under 1.5 billion to three billion, and average individual debt among the most addicted users, the Americans, doubled from $5,000 to $10,000. Banks adored our newfound affection for credit cards because, at a time of virtually 0% interest rates, they were still gaily charging between five and 30%… in the Anglo-Saxon casino economics of the 1990s and 2000s, plastic was the closest invention to printing money ever devised by financial institutions".
With huge amounts of money circulating electronically, it became a target for fraudulent activity – particularly carding. Glenny lists three major types of danger on the internet. The first, cybercrime, covers a wide range of activities alongside carding: from scareware (infecting a computer with a virus and then selling the software to remove it); to pump-and-dump (hacking and digitally inflating share prices and then selling them on); and payroll schemes (adding phantom employees to companies’ payrolls).
The second, cyber industrial espionage, is estimated by telecoms company, Verizon, to account for 34% of criminal activity on the web and mostly consists of hacking companies’ networks to steal secret files. The third, cyber warfare, involves designing software that will attack enemy computer networks. Glenny uses the example of the Stuxnet attack on Iranian nuclear technology – widely attributed to the US and/or Israeli military – to demonstrate that it is only nation states that have the resources to be able to invest the time and manpower to create such a complex piece of malware.
While highlighting concerns over data protection and privacy rights, Glenny’s conclusion follows his narrative of a struggle between law enforcement and cyber criminals. He argues that, rather than just trying to lock up every hacker they can find (whether in it for profit or not), such people should be invited to use their talents to work with law enforcement, security services and private security companies. Yet, as Glenny demonstrates, while such bodies are used to try to stop cybercrime, their powers are also used to monitor left-wing activists and others, too. He even documents a case where a leak was blamed on a completely innocent investigation officer within one police force, which saw him arrested twice over the matter.
The state and its agencies are not neutral, there to serve the interests of society as a whole. They carry out their activities in the interests of the dominant class within society. While cybercrime can cause huge losses to businesses, which means it is in the interests of the capitalist class to devote some resources to fighting or at least controlling it, this only goes so far.
Organised crime operates, essentially, in the gaps where legal capitalism cannot go. It can never be stopped by capitalism. On the contrary, it is endemic to it. But, rather than creating value (although the production of skimmers and other devices does so), most cybercrime is parasitic, extracting wealth created elsewhere from the bank accounts and credit cards of their victims.
The lack of opportunities for a decent job and worthwhile future also drive a small layer of young people towards cybercrime. And, while this is true in the advanced capitalist countries, it is doubly so for the developing world. Glenny lists 419 scams linked mainly to Nigeria, and spends much of the book describing the situation in the former USSR and Turkey. It is a real weakness, however, that he does not consider what can be done about this, one of the key underlying factors behind the rise of cybercrime. Nonetheless, he does point out: "Throughout the twentieth century, recessions and depressions have invariably led to a dramatic spike in financial fraud, loan-sharking and illegal gambling, as ordinary folk seek desperate solutions to their money difficulties".
Glenny comments that one of the trends during the boom was an increasing professionalisation of cybercrime. This is particularly so because the individuals at the top have now developed the contacts which mean that they no longer need the website forums they used in the past. Despite the fall of websites such as DarkMarket, therefore, as long as capitalism remains so will cybercrime.