The Economics of Online Crime

From Cybersecurity Wiki
Jump to navigation Jump to search

Full Title of Reference

The Economics of Online Crime

Full Citation

Tyler Moore, Richard Clayton and Ross Anderson, The Economics of Online Crime, 23 J. Econ. Persp. 3 (2009). Web

BibTeX

Categorization

Key Words

Blacklist, Credit Card Fraud, Cyber Crime, Disclosure Policy, Identity Fraud/Theft, Notice and Take-down, Phishing, Spam, Organized Crime, Trojan, Scareware

Synopsis

This paper will focus on online crime, which has taken off as a serious industry since about 2004. Until then, much of the online nuisance came from amateur hackers who defaced websites and wrote malicious software in pursuit of bragging rights. But now criminal networks have emerged -- online black markets in which the bad guys trade with each other, with criminals taking on specialized roles. Just as in Adam Smith's pin factory, specialization has led to impressive productivity gains, even though the subject is now bank card PINs rather than metal ones. Someone who can collect bank card and PIN data, electronic banking passwords, and the information needed to apply for credit in someone else's name can sell these data online to anonymous brokers. The brokers in turn sell the credentials to specialist cashiers who steal and then launder the money. We will examine the data on online crime; discuss the collective-action aspects of the problem; demonstrate how agile attackers shift across national borders as earlier targets wise up to their tactics; describe ways to improve law-enforcement coordination; and we explore how defenders' incentives affect the outcomes.

Additional Notes and Highlights