At a recent Security Analyst Summit in Tenerife by Internet Security Company Kaspersky researchers made the point that even though robotics and automation are playing a larger part in all aspects of life, including cyber crime, it is likely that there will always be the need for humans to play at least some part in most cyber crime.
The examples given for one important area where a human element is needed in popular cyber crime is in the process of money laundering. The Metel banking fraud gang were cited as a specific example of a cybercrime gang who rely upon using individual members or associates to physically travel to ATMs and take money out in order to complete a spear-phishing crime. The gang who target employees of financial firms in order to access to payment processing computers, also use human rather than digital means when the card numbers are typed in to the ATM. Hackers actually wait for the card numbers to appear in the payment processing and manually click ‘cancel’ from their end.
Another example of the vital human links in the money laundering was given at the Kaspersky show by Adrian Nish, head of cyber intelligence systems at BAE. Mr Nish highlighted the case of the hackers behind the Shylock attacks which involved using a banking, spread via Skype, and could allow them to take control of a PC in order to steal banking login credentials. These same Shylock hackers actually placed a job advert online for an “e-commerce representative” who could work from home transferring money for businesses. The stipulation that the individual should have no criminal record and a PayPal account meant that the hackers would have a network of individual ‘mules’ who would be hard for the authorities to detect while carrying out much of the laundering process. The work appeared to be legitimate from the surface and was kept at a distance from the hackers themselves. The mules even received some basic training in order to give the right answers to any questions from the authorities
Future of Cyber Crime – Still Needs Humans
Experts at the Kaspersky Summit pointed out that even though automation is likely to become more advanced and sophisticated in cyber crime, humans are still likely to be needed long into the future to ensure that the perpetrators actually get the money. As such this human element will always be the weakest link in the cyber crime chain. This is good news for all of us as businesses and individuals alike are all potential cyber crime targets, and the fact that there are potentially traceable humans involved means that authorities stand a much better chance of catching the perpetrators.