China's Underground Cyber-Crime Economy Grows in Size, Sophistication

By Robert Lemos  |  Posted 2015-12-01 Print this article Print
China Cyber-Crime

The company found point-of-sale skimmers for sale on business-to-business sites, where they were likely bought to be resold to unwary retailers. The devices also had a new feature, which transmits stolen data through SMS text messages, usually used by phones, so cyber-criminals do not have to physically collect the data, the report stated.

Skimming also highlights the ways that China and the U.S. criminal markets can differ. While skimming is a popular way of grabbing payment-card information in the United States, criminals have focused on automated teller machines (ATMs) at banks, rather than point of sale devices, according to financial-service firm FICO.

From January to April 9, 2015, the number of points of compromise increased by more than 170 percent at bank-owned ATMs in the United States, while it has dropped by more than 80 percent at U.S. retail points of sale. The trend in China, at least anecdotally, still seems focused on point-of-sale systems.

Unlike espionage, much of the crime in China focuses on domestic targets, according to experts. While a domestic systems integrator reportedly refrained from buying information stolen from well-known manufacturer Foxconn by a local group of hackers, a heavy machinery maker, Sany, allegedly hired hackers to infiltrate and steal information from its competitor in 2014, according to a report in the Financial Times. Three Sany executives were arrested during the investigation into the case, according to the article.

A study by Microsoft of PCs in China in 2011 found that four of 20 computers bought from retailers had malware pre-installed on the devices. In addition, while the United States and European countries rarely see mobile malware, malicious code—such as the recent XcodeGhost attack— is part of the mobile experience in China.

"Currently, China's cyber-crime underground mostly targets Chinese citizens and businesses," said Doug Steelman, chief security officer for Dell SecureWorks, who oversees the CSO Human Intelligence Team. "However, we are beginning to see a few criminal groups offer hacking services targeting foreign websites or businesses."

Chinese law enforcement agencies are aware of these different avenues of attacks and have investigated wrongdoing and cracked down on the underground markets and illegal online behavior, but face an uphill battle, Steelman said.

"The ongoing challenge for them—as well as everyone fighting cyber-crime—is the difficulty in determining attribution and identifying the specific activities actually being carried out by hackers advertising their services, such as what is specifically being traded, who is being targeted, and with what success these attacks are carried out," he said in an email interview.



Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel