The Cyber Criminal Network

michael.gordon
Nov 22, 2018


With the rise and prevalence of communication tools such as WhatsApp and Facebook, we have invested our personal and business lives into a digital world. However, many individuals have no personal cyber defense capabilities, and unfortunately many governments and law enforcement agencies have no culture of cybersecurity or knowledge of the national cyber defence policies and institutions required to secure this new digital landscape.

This has seen the creation of a digital wild west, where those brave pilgrims who have staked claims are left to defend themselves from feral rustlers and voracious bushwhacking outlaws.

This open territory is made worse by the increase in retail commercialization of hacking tools and services and the wide availability of these resources within the dark web. These tools include Bluetooth jacking scripts to infiltrate cellphones and laptops, deepfakes, procedures and tools on how to conduct psychological attacks, as well as standard cyber security tools such as Kali Linux and Wireshark.

In the age of Donald Trump and Russian meddling in the US elections, expensive, esoteric, ephemeral and abstract concepts such as cyber weapons and psych-ops tools, which were the domain of militaries, are now a part of the consciousness of the public, easily understood, sought after and now conveniently retailed by companies such as Palantir, Digital Fusion and Cambridge Analytica. Political operatives from the US, EU and Africa use their services to drive public opinion and emotion to pre-determine political outcomes.

This new power and capability is now in the tool belt of every MBA, marketing executive, cyber security expert, energetic startup and script kid. Facebook, Google and Twitter have collected a vast quantity of data on the nearly 2 billion people they have on their hyper-connected platforms and communities. These companies make their revenue from advertising and have embedded tools to analyze, segment and profile us as individuals and target us precisely as groups. Those unfortunate enough to live in the wild west are vulnerable to these outlaws and bushwhackers, who have now begun to upgrade themselves to the new digital landscape.

End-to-end encryption and large WhatsApp groups are readily available. In these groups individuals encourage and coordinate attacks without remorse and exchange information on targets, wittingly and unwittingly becoming conspirators in violent crimes.

We have seen the emergence of a pattern where more technically capable individuals, curious about tools and the dark web, explore and distribute these tools casually to friends and family or in blogs. These same individuals, or others in their social or online circles, hack other individuals, create vulnerabilities, and publicize these vulnerabilities as a brag or in collaboration with less capable but more reckless and ruthless individuals.

This has seen the rise of the hijacking of web presences with the intent to impersonate others and defraud individuals, influence decisions or execute corporate espionage.

The difficulty faced by law enforcement is that these crimes are not necessarily committed by a monolithic unit but by loosely connected cells: some technical and mischievous or malicious, some purely criminal and malicious, but mostly financially desperate individuals with little understanding that this is ethically and criminally wrong, who have found themselves in a position of advantage over others who possess something they want or need.

To be clear, however, the motivations are not always financial; some are motivated and manipulated by a desire for revenge or a need for a sense of control and power. This is, however, no excuse: as conspirators they shall be held accountable along with the hardened criminals.

The Gunslinging Marshal and the Hanging Judge win the wild west

We all know the stories of the wild west. It was not until 1919, after the creation of the state of Arizona and the last recorded robbery of a stagecoach, that the period of the wild west was considered closed. However, to get to that point we have many stories of hard and determined men who braved the wilderness and faced down the brutality of lawless towns. Towns like Tombstone were made safe and civilized by frontier marshals such as Wyatt Earp and judges who handed down stern sentences.

Bad things stop escalating when good people voice their objection and empower law enforcement; however, they never really cease as an issue until hard and desperate men make it very expensive for them to happen.

Many of the issues presently faced by local law enforcement stem from the fact that many officers and much of the public still don’t accept this as a serious crime. The public accepts cybercrime as wrong but is uneasy with the consequences of incarcerating a young adult for several years for reading someone else’s email. In some jurisdictions there might not be the legal and technical infrastructure available to detect, deter and detain criminals at the speed at which criminal activities are done on the internet.

To begin with, we will require an objective and resilient definition of the cyber criminal network, its components and its activities, to satisfy legal introspection, association with legal precedent and commensurate sentencing.

The group's activities center on

  • cross border scams and cash transfers
  • web based blackmail with the intent to extort cash
  • blackmail with an intent to coerce sexual favors aka rape
  • corporate espionage with the intent to acquire business deals
  • corporate espionage with the intent to hijack identities and web presences with the intent to masquerade as the victim and defraud employers, clients and partners of funds.

Available Laws

  • Those activities presently covered by the cyber crime laws
  • Those activities which are uncertain and undetermined. These must be resolved using other tools such as criminal prosecution or lawsuits.

Criminal Participation

  • Participants in committing violent crimes including theft, assault, rape and murder.
  • Conspirators who provide information, logistics, technical and physical support to these assailants wittingly or unwittingly, with or without malicious intent, with or without duress. Those who engage in activities such as supplying banking or government identity information, or reporting on the victim's whereabouts, should be charged as conspirators to any resulting crime such as murder, rape or theft. Sentencing should be harsher for those who were rewarded for their participation or who possessed knowledge of the crime before or after.

Continuing with our analogy, we will require standing courts which can quickly rule on a police request to complete a wiretap, confiscate equipment or require the provision of passwords to devices and applications. The period of request and approval should be minutes and not hours, and the requirements predetermined based on precedent in other jurisdictions.

Similarly, given the nature of technology, there should be no need for human intervention, since much of cyber crime can be observed in real time by computers and patterns identified by machine learning. This mitigates the threat of an invasion of privacy.

  • Active listening to audio and text communications: The US currently logs and listens to all calls leaving their country. When key words are detected, a notification is sent to a human. The police should have the ability to install an automated system that alerts based on key words as well as looks for patterns such as lotto scams, which have a preset pattern of perpetrator and victim.
  • Active monitoring of identified members: Once identified, a member of the cyber criminal network and his contacts should immediately become subjects of automated surveillance. Their movements, bank records and communication patterns should be logged and patterns of criminal activities or conspiracy identified.
  • Information acquisition and dissemination: Given the vast quantities of information being gathered, the Cyber Crime Court should be provided with a portal to access evidence in a pre-sorted manner which can support the issuance of a warrant.

Using evidence from the above or other credible evidence, the 24-hour active Cyber Crime Court should immediately grant an electronic warrant authorizing police action without excessive discussion or delay.

The victims in these crimes are often persecuted and considered reckless in the case of businessmen (“how do you know who you are doing business with, why did you give your money away”) and immoral in the case of many women (“why would you send naked pictures, your sinful nature has caught up with you”).

It is historically the case that the most egregious villains are only stopped when their so-called crimes have been linked to more traditional crimes; google “Digicel Hacked” or “Jamaican Girls Exposed”.

Guidance to victims

As you encounter different members of the cyber criminal network, report every conversation to the police, ensure you get a receipt for your statement and save it. It may require several visits to the police in order for a pattern to be developed that the police can act on. But it is important that you always report it as soon as possible. If you live abroad, report it immediately and in detail to local and federal authorities such as the FBI; this will place emails and accounts discovered in watch lists globally. If you are attacked on social media platforms such as Facebook or other platforms such as PayPal or WhatsApp, report it to the platform using either a complaint form or a voice conversation. Facebook or PayPal will begin to monitor the reported accounts globally. Similarly, the phone company has an obligation to investigate and include the police in any reported incident of fraud or intimidation. The more people report these events, the faster we can put an end to these criminals.

Make copies and screenshots of digital conversations. Take note of the time of day, the accounts and the devices on which you were attacked.

Make note of phrases which are meant to justify criminal or unethical behaviour. These can be used to detect other attacks and other members of the cyber criminal network.

If you observe the cybercriminals talking on the phone, mark the time and date, and also get the criminal's phone number. This will allow the police to isolate other members of the cyber criminal network, especially if they are bragging or conspiring to commit crimes.

Guidance to law enforcement

As you encounter different members of the cyber criminal network, look for commonalities and relationships: common contacts, social media friends and groups. Check for common browsing history, searches and web addresses.

Check for common locations and travel patterns. Locate their friends and families. Find relationships between the members of the network.

Look for common language or references in their statements and messages. Decentralized networks that spread like viruses require a common message, culture and philosophy to reinforce autonomous behaviour.

Once you have two or more members of the network, you can start monitoring those people and in short order you will have the phone number and location of other members.

Observing each member will reveal criminal activities which can be used as leverage against other members and for prosecution.

If you know of existing crimes, it's good to get recordings and witnesses, which will enable you to bring the network to justice.

Guidance to the Cyber Criminal Network

Please stop, recognise that you are committing a crime and hurting people. You are destroying lives. In the end you will destroy your own life when you are caught.

I advise that you approach the police and indicate to them

  • Why you participate
  • Who contacted you and corrupted/tricked you into participating
  • How you were contacted and encouraged to participate
  • How you get information on targets
  • What tools, videos, images, WhatsApp groups, mobile apps, phone numbers and contacts or web addresses were provided.
  • Advise or warn the people who are being targeted that their information is being distributed online and that they are being targeted.
  • Return cash or make amends immediately.

It is better to report it now to the police, or submit information anonymously, to avoid a serious sentence should they find you first.
