Share This:

As a third-generation Italian-American growing up in the Midwest, I was used to hearing about the feared Mafia, either in the stories of older relatives or in the misguided attempts at humor by school kids.

In those days, the Mafia was an organized crime syndicate that infiltrated businesses and city government to create a well-oiled machine. There were Mafia “kingpins” with colorful names and crime syndicates masquerading as businesses. After years of crushing pressure from prosecutors, demographic shifts, and an aging corps of criminals, the traditional Italian Mafia has been weakened, but that hasn’t stopped them – and other organized groups of criminals – from moving their operations online.

Is there a cloud mafia?

Scholars use precise explanations to define a mafia or organized crime group. But, one thing that seems certain is that they aren’t, contrary to my childhood memories, exclusively Italian or tied to any ethnic group, for that matter.

Like many things, crime has made its way into cyberspace. MSPs have everything from hackers to pranksters to state-sponsored terrorism to worry about, do we really need to add a “cloud mafia” to the list? The answer is unclear, and it depends on who you ask.

Dr. Jonathan Lusthaus, the Director of The Human Cybercriminal Project at the Extra-Legal Governance Institute, Department of Sociology at the University of Oxford’ Nuffield College in England, has studied organized cybercrime extensively and wrote a paper in 2018 exploring whether the Mafia is Taking Over Cybercrime.. After conducting hundreds of interviews, across the globe, he concluded that “organized crime does play a role in cybercrime, but its involvement is far from a complete takeover.”

In other words, it’s not something that would keep an MSP owner up at night, but something that ought to be on your radar.

SmarterMSP caught up with Peter Grabosky, Professor Emeritus in the School of Regulation and Global Governance at Australian National University. Grabosky has studied the rise of organized cybercrime extensively and said that some businesses are at risk from attacks.

The first thing to clarify is how organized cybercrime differs from state-sponsored cybercrime.

“All state cybercrime is organized, but not all organized cybercrime is state-sponsored,” Grabosky says. There may also be symbiotic links between an online organized crime syndicate and a state or none at all. 

“In some cases, these individuals may be government employees or contractors. They may be criminals quite independent of the state. In other cases, such organization may entail partnership or other collaboration between state and non-state actors,” Grabosky says.

As with the Italian Mafia’s heyday, money is often the driving force behind today’s organized crime online, but there are different variables. Criminal motives depend on the organization. Grabosky gave a nice summary of these:

– Most organized non-state actors are in it for the money, whereas state sponsors can do it for revenge or to poke their enemies. Though there is some evidence that North Korea has been in it for money.

– Because of difficulties in attributing crime to a source, states find it an attractive alternative to conventional military methods.

– Recently, we have seen allegations of attempts to subvert the democratic process of the US and other liberal states by state-sponsored attacks, which is something organized cybercriminals are not typically concerned about. Political or economic intelligence or trade secrets are also coveted by some states.

Attractive cybercrime targets

Are there businesses that are more susceptible to being attacked by organized crime than others? It is doubtful that the corner dry-cleaner will come under attack by a sophisticated ransomware scheme. Instead, think banks or brokerages.

Financial institutions are attractive targets for those who are in it for the money because that’s where the money is, and large retailers are valuable for the credit card details of their customers. Organized cybercrime, Grabosky says, is something that will likely be around for the foreseeable future. With large swaths of the world still not wired, the opportunity is ripe for exploitation when these areas come online.

“Criminal motives (state and non-state) will not fade away. There are more and more rich targets, political as well as economic, to be exploited. The ‘arms race’ of the past quarter century seems likely to intensify. Only half of the world’s population is currently online. Innovations such as the Internet of Things will create more pathways for attack,” Grabosky says. 

As far as managed service providers go, the environment is always in flux. Grabosky cautions businesses to exercise great care in today’s environment, saying, “Stay abreast of innovations in security, encourage a culture of security.”

Cybercrime expert Michael Cobb has studied organized groups and advises that the most common time for attack is between 10 p.m. and 4 a.m. Gateway processes can be given access to more resources during those hours to combat increased spam and firewalls, and intrusion activity needs to be monitored for unusual activity outside of typical work patterns. You can read more of his security advice here.

And next time you think of the mafia, don’t be thinking about the Godfather or Goodfellas, instead, warily keep an eye on your servers.

Photo:  Stokkete / Shutterstock.


Share This:
Kevin Williams

Posted by Kevin Williams

Kevin Williams is a journalist based in Ohio. Williams has written for a variety of publications including the Washington Post, New York Times, USA Today, Wall Street Journal, National Geographic and others. He first wrote about the online world in its nascent stages for the now defunct “Online Access” Magazine in the mid-90s.

Leave a reply

Your email address will not be published. Required fields are marked *