People tend to get involved in criminal enterprises when the return on investment is high and the risk of loss is low. This calculation is done daily for cybercriminals and they have concluded that continuing to commit fraud, theft of financial information and intrusion into networks around the world will be beneficial.
When personal computer technology was relatively new and networks first became popular in the 1990s, people engaged in illegal hacking activities did so with the aim of improving knowledge of the system, testing their capabilities, and competing with others for recognition as the best hackers.
As a result, intrusions into networks, from military facilities to commercial organizations, are less of a nuisance and may not pose a long-term risk to security. Moreover, while viruses, spyware, and Trojan horses become more disruptive, these intrusions are seen as an annoyance just like destructive behavior. In addition to disabling a computer or making it run slower, intrusions like these don’t reach the levels of concern often associated with criminal behavior. However, as history shows us, whenever a group of people develop skills that give them an advantage over society as a whole, some people will eventually take advantage and fall victim to society.
According to the FBI and the Computer Association, the last few years have seen an explosion of computer security breaches used for theft, extortion and fraud. This new type of cybercrime is no longer driven solely by ego and technological ability.
Instead, cybercriminals have found that the skills they learned as teenagers — infiltrating high school networks or creating disruptive viruses to brag about with friends — are now also useful in making a comfortable living.
Unlike real-world crime, cybercriminals require little or no investment to execute. A criminal stalking someone on the street needs to have a gun and some basic know-how, and such a crime carries the risk of jail time or injury if the victim gets into a fight. More complex criminal activity, such as robbing a bank or operating a guard racket, requires organizing multiple people and, to a certain extent, equipping and training them. In the real world, economic laws apply to criminals, and criminals must make decisions about how much they can invest and the risks.
Online, a potential criminal often simply worries about the possibility of breaking into secure systems or tricking someone into disclosing his or her financial information. Cybercriminals can operate remotely from countries where they are less at risk of being interfered with by law enforcement. Through the very systems that make e-commerce possible, cybercriminals can easily commit crimes. Also, unlike in the real world, cybercriminals don’t need to deal with groups or individuals competing on territory.
Therefore, it is easy to enter the market, and because the market is so large there is little direct competition. In fact, cybercriminals often have collaboration and loose networks, instead of vying for control like real-world gangs, they work together to improve their abilities and skills as well as seek new opportunities. This “open source” organization is one of the reasons why cryptocurrency crime is so difficult to fight by using traditional methods and organizations. For example, decentralized and static law enforcement agencies, which often rely on defined internal laws, regulations, and processes to operate effectively against crime. Effective tools for law enforcement agencies on the street are not effective in the virtual realm. The technology and tactics of cybercriminals can change faster than law enforcement can adapt to them.