Pulling It All Together: Using the SDL to Prevent Real-World Threats 333
their domestic offline controls to cover crimes carried out in cyberspace.
These activities include attacks against computer data and systems, iden-
tity theft, the distribution of child sexual abuse images, Internet auction
fraud, money laundering, the penetration of online financial services,
online banking theft, illicit access to intellectual property, online extor-
tion, as well as the deployment of viruses, botnets, and various email
scams such as phishing. Organized crime groups typically have a home
base in a nation that provides safe haven, from which they conduct their
transnational operations. In effect, this provides an added degree of pro-
tection against law enforcement and allows them to operate with mini-
mal risk. The inherently transnational nature of the Internet fits perfectly
into this model of activity and the effort to maximize profits within an
acceptable degree of risk. In the virtual world there are no borders, a
characteristic that makes it very attractive for criminal activity; yet when
it comes to policing this virtual world, borders and national jurisdictions
loom large— making large-scale investigation slow and tedious at best,
and impossible at worst.
19–21
Some of the more noteworthy groups are the
European crime rings, state-sponsored criminal groups and proxies, U.S.
domestic crime groups, and Mexican cartels.
As payoff from cyber crime grows, it is no surprise that organized
crime groups seek a share in it. Cyber crime allows organized syndicates to
finance their other illicit activities in addition to providing hefty profits.
Criminal syndicates are involved in everything from theft to extortion,
piracy, and enabling online crime in the first place. They are providing a
new meaning to the “as-a-service” term. In addition to exploiting cyber
infrastructure for monetary gains, they are enabling cyber attacks by pro-
viding vulnerabilities, creating tools and offering resources to people who
will pay for it. These services include selling vulnerabilities (proactively
looking for them in new software products and infrastructure), creating
and selling exploits for existing vulnerabilities, spam services, infrastruc-
ture (botnets, hosting), as well as malware.
22
10.1.1.3 Socio - Politic al At tac ks
Socio-political attacks are often intended to elevate awareness of a topic
but can also be a component or a means to an end with regard to political
action groups, civil disobedience, or part of a larger campaign, and they
may be an indicator and warning of bigger things to come.