Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Financial Options for Cyber Criminals
Kimberly Zenz
VeriSign iDefense
kzenz@verisign.com
“A Significant Amount of Money”
2
Stealing Money Isn’t Enough
3

• You have to be able to use it too
• Cyber criminals can take steps to be less public
• E....
What is a Poor Cyber
Criminal to Do?

4
Electronic Currencies
5

• Popular choice for a reason
• Some have a history of offering clients anonymity
• Or at least n...
Liberty Reserve
6

•

Leader until takedown
•

•

US DOJ: A money laundering case, not a cyber crime case
•
•
•

•

High p...
Alternatives to Liberty Reserve
7

•

Perfect Money
•
•
•

Increase in use following LR takedown
In business since at leas...
Further Electronic Currency Options
8

• WebMoney
• Founded in 1998, previously the front runner
• Claims 14 million users...
BitCoin: An Acceptable Option?
9

•
•

Volatile – speculation an issue
Mining losing utility
•
•

•
•

Handy for cyber cri...
Credit Cards
10

• Cash onto Credit Cards: Possible
• Prepaid debit and credit cards are available
• Some limitations
• De...
Credit Cards (and other Money Mule Options)
11

• Prepaid credit cards and certificates also a growing alternative to
mone...
So… Is There Any Hope of
Getting Away With It?

12
Keeping Dishonest Money
13

• Money laundering already was an LEO priority, and cyber crime is a
growing one
• Each LEO su...
Thank You

© 2012 VeriSign, Inc. All rights reserved. Verisign, the Verisign logo, iDefense and other trademarks, service
...
Upcoming SlideShare
Loading in …5
×

Kimberly Zenz - Financial Options for Cyber Criminals #uisgcon9

959 views

Published on

Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

Kimberly Zenz - Financial Options for Cyber Criminals #uisgcon9

  1. 1. Financial Options for Cyber Criminals Kimberly Zenz VeriSign iDefense kzenz@verisign.com
  2. 2. “A Significant Amount of Money” 2
  3. 3. Stealing Money Isn’t Enough 3 • You have to be able to use it too • Cyber criminals can take steps to be less public • E.g. Diffuse services, less commercial criminal software offerings • But all cyber criminals must at some point convert their criminal gains into money that they can use. i.e. that is integrated with the global financial system • Money laundering a particular concern for cyber criminals because it ties into larger anti-crime, anti-terrorism and political efforts • Receives more official and private sector resources than purely anticyber crime efforts • Laws and cooperation mechanisms older, more established, simpler and less time sensitive than ant cyber crime efforts • Private and public sectors older, more established, than anti cybercrime • Transactions can be traced • Assuming that officials are sufficiently motivated • People talk
  4. 4. What is a Poor Cyber Criminal to Do? 4
  5. 5. Electronic Currencies 5 • Popular choice for a reason • Some have a history of offering clients anonymity • Or at least not asking too hard for true proof of identity • Third-party and personal exchanges also help provide anonymity • Quick, online, (mostly) separate from the formal financial system • Relatively easy to establish • Limited truly reliable and secure options • Vulnerable to betrayals, LEO, internal failures
  6. 6. Liberty Reserve 6 • Leader until takedown • • US DOJ: A money laundering case, not a cyber crime case • • • • High profile customers, including 45 million USD Unlimited Operations ATM scammers More than 6 billion USD laundered through 55 million transactions 25 million USD and 45 bank accounts seized More effectively frozen - customers able to appeal for access to their accounts – not too many forthcoming Costa Rican base not sufficient legal protection • • Leader Arthur Budovsky arrested in Spain, others arrested in US and Costa Rica US DOJ could pursue the case • 200,000 US users • Presence of Liberty Reserve members Vladimir Katz (co-founder) and Mark Marmilev (helped design technical infrastructure) in the Untied States • Presence of infrastructure in US • Transfer of funds through US financial institutions • • Iran has this problem too International anti-money laundering cooperation relatively straightforward • 45+ domestic and foreign searches & seizures, 36 MLAT requests in 15 countries • LEO Cooperation in: US, Costa Rica, Russia, China, Latvia, Cyrus, Hong Kong, Norway, Sweden, Australia, Cyprus, Latvia, Switzerland, Luxembourg, Morocco, Spain, Netherlands, United Kingdom, Norway, Canada, US, Costa Rica
  7. 7. Alternatives to Liberty Reserve 7 • Perfect Money • • • Increase in use following LR takedown In business since at least 2007 Claimed to be in Panama • January 2013: Panamanian government stated that Perfect Money has no offices or licenses in the country • Now provides a Hong Kong address • Shared by many other businesses • But… Security press anointed Perfect Money as the Successor to Liberty Reserve • • Also successor to legal attention? Announced the US citizen could not participate following LR takedown • Difficult to police, infrastructure even harder • Turned away some visibly criminal customers
  8. 8. Further Electronic Currency Options 8 • WebMoney • Founded in 1998, previously the front runner • Claims 14 million users • Strong global footprint, expanding • Began in CIS, Latin America and Pacific Asia (not to USA) • Traditionally popular among cyber criminals • Use by legitimate small and medium sized businesses protected WMZ from regulation efforts • Now large legitimate presence encourages law enforcement cooperation, especially in Russia • May still be possible to “fly under the radar” • Other electronic options of varying trustworthiness • Payza/AlertPay, EgoPay, LiqPay, Paxum, PayWeb, SolidTrustP ay, ePayments, Yandex.Dengi, RedPass, etc.
  9. 9. BitCoin: An Acceptable Option? 9 • • Volatile – speculation an issue Mining losing utility • • • • Handy for cyber criminals who can use botnets (like ZeroAccess) As the rate of block generation (unencrypting a BitCoin) increases, difficulty rises – reaching maximum total utility BitCoin seems attractive because it is “anonymous” But is BitCoin Anonymous? • • • • Not big enough to hide truly large transactions Transactions can be tracked in each BitCoin Multiple BitCoin transaction chains combined and transformed into international currency through exchanges Exchanges can and will operate with authorities – US ahead of the BitCoin game • • • • Mt. Gox account at Wells Fargo seized over paperwork, DHS prohibits Dwolla to exchange BitCoins (total five million USD accounts) IRS subpoenaed 24 exchanges. GOA office report on money laundering risks, US Treasury unit Financial Crimes Enforcement Network (FinCEN) has BitCoin rules, IRS to follow LEO (especially the FBI more aggressive about anonymity in general, e.g. Tor CP arrests and Silk Road closure (which included the seizure of 3.6 million USD in BitCoins) Other crypto currencies insufficiently popular, e.g. Litecoin, Namecoin, PPCoin, even Ripple • May be scams themselves
  10. 10. Credit Cards 10 • Cash onto Credit Cards: Possible • Prepaid debit and credit cards are available • Some limitations • Depend on the exchanges • Limited totals • Daily Withdrawal Limit – 1000 USD • Maximum Daily Balance – 10K USD • Total Loading Limit/Month – 20K USD • Cash from Credit Cards: More difficult (but still possible) • Credit card companies and acquiring banks increasingly picky • Will cut off processors if caught violating TOS • Copyright particularly valuable tool – instant TOS violation • Copyrighted software sales, pharma particularly affected • Small shift to prepaid payment cards for accepting fraudulent payments a la rogue AV and ransomware • E.g. Green Dot MoneyPak, can be purchased at major retailers such as Wal-Mart, CVS, Walgreens, Kmart, etc.
  11. 11. Credit Cards (and other Money Mule Options) 11 • Prepaid credit cards and certificates also a growing alternative to money mules • Not just in accepting payments, also in sending money or goods for resale • Western Union et. al. are watching • Human mules problematic • Difficult to recruit enough – constant efforts required (or high payments to services who must engage in constant efforts) • Relatively easy to identify, arrest (especially if they must appear in person or accept delivery at their actual address) • Some mules will rob the thieves • Brian Krebs: “mules are dumb,” make mistakes • Big mules = big attention, e.g. General Valeriu Gaichuk in Romania • Old methods still in use though • • Can still use CCs to purchase goods, ship them near home country (in the case of Eastern Europe, sometimes via a EU country such as Poland near the Ukrainian border), sell them for cash Can still use human mules for that matter
  12. 12. So… Is There Any Hope of Getting Away With It? 12
  13. 13. Keeping Dishonest Money 13 • Money laundering already was an LEO priority, and cyber crime is a growing one • Each LEO success increases capacity for and interest in the next • The dominance of the United States in the international financial system helps make it a dominant, and potentially unavoidable, player in anti money-laundering efforts • Avoiding US victims and customers is not enough to avoid US attention • So, really, what is a cyber criminal to do? • Stay under the radar, it’s still a numbers game • LEOs are better able to target money laundering than cyber crime, but are still constrained by capacity issues and the need to prioritize • So many “ we gave it to LE” stories • The noticeable and stationary get targeted – just ask LR, Mt. Gox, Silk Road, Gozi, Citadel, Carberp, etcetera • The more automation, the better • Risk still higher
  14. 14. Thank You © 2012 VeriSign, Inc. All rights reserved. Verisign, the Verisign logo, iDefense and other trademarks, service marks, and designs are registered or unregistered trademarks of VeriSign, Inc. and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for iDefense customers and personnel only. The reproduction and distribution of this material is forbidden without express written permission from iDefense. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of VeriSign, Inc., its subsidiaries, or affiliates.

×