Understanding the new cyber crime mafia

Cyber criminal in a hoodie holding a laptop
(Image credit: Shutterstock)

Ransomware, data breaches and data leaks are just three of the threats resellers face every day when considering how to keep their customers protected and open for business. And what they learn today may not be adequate tomorrow, as a growing villainous fraternity develop new subtler threats that can have a devastating impact on businesses, operationally, reputationally and financially.

Stark parallels can be drawn between cyber criminals and the emergence of the Mafia gangs from the last century. Though care is taken to shield their online operations, their sophisticated malice and execution are aligned with those historically practiced by organised crime.

In essence, cyber criminals are the New Mafia of today's world, and if resellers don't understand these gangs, they will not be able to help protect the end users they support.

Gartner estimates that enterprise security spending will total $96.3 billion in 2018, an increase of 8% from last year. This increase is required to address the growing number of cyber threats affecting businesses - using our own proprietary data, we discovered an almost 2,000% increase in ransomware detections since 2015.

In order to take on these cyber criminals, we must first understand how they operate. This 'New Mafia' operates in four different types of groups:


A big development in cyber crime is the rise of professional hackers' services. Similar to paid cars-for-hire, this service operates with an emphasis on 24/7 customer service and reliability.

The worrying difference here is the removal of technical knowledge as a barrier to cyber crime. The appropriate skills no longer have to be learned, instead, budding criminals can outsource the technical execution of their schemes making it accessible to anyone.

For instance, the boom of 'Ransomware-as-a-service' has led to ransomware detections increasing by 94% on average per month this year in comparison to 2016, according to Malwarebytes' data.

Ideological hackers

Notorious for gathering and leaking classified information about governments and high-profile organisations, ideological hackers generally attempt to use the threat of classified leaks to coerce their victim to act in their favour. One example of this is the attack on Sony Pictures in 2014.

State-sponsored attackers

There has been a steep rise in attacks by state-sponsored hackers with the goal of stealing information and disrupting political activity. The alleged Russian interference in the US election and widespread hacks from North Korea are recent examples.

Unlike other groups, their activity is a lot subtler, yet they can have a similarly damaging effect. These hackers are interested in corporate theft and sabotage, blurring the difference between cyber crime and cyber warfare. And this isn't limited to other – North Korean hackers were recently implicated in a spate of attacks on banks and cryptocurrency exchanges.

Traditional gangs

This group has the motivations of traditionally organised gangs: theft, the sale of drugs, guns and stolen goods to the online world. It's comprised of hackers and working with existing gangs that have been able to harness those with the skills to help maintain their position, despite the disruption brought by the internet.

The various ways in which these different groups can target people, from corporate espionage, fraud and data breaches, can lead to confusion around the size and scope of threats.

What's more, given the sheer variety of threats out there, it's a challenge for resellers to simply keep abreast of the industry. However, without investing in the time to better understand the cyber security landscape, how will they be able to successfully support their end users?

Although cyber crime is still a relatively new branch of the criminal world, it already has more income than most traditional industries, not to mention other criminal activity. And as there is little recourse to companies and individuals in the courts, many cyber crimes go unreported, which in turn adds to the feeling of frustration of the victim.

Through continued education the channel has the chance to play a key role in protecting their customers and allowing them to do what they do best, drive their business.

Anthony O'Mara is vice president sales EMEA at Malwarebytes