It is a given that if there is money to be made from illegal activity, organized crime will be a player. So it is no surprise that multiple versions of the mob are active in cybercrime.
But how much of a player the digital mobs are, and whether that has led to a qualitative difference in cybercrime that requires a change in defense strategy is less clear.
To some extent, some difficulty in estimating the penetration of organized crime is inevitable -- criminals don't want to be caught, so they try to avoid scrutiny by law enforcement in particular and the public in general.
But most experts agree that it is a bigger player than it used to be -- that the trend in cybercrime is that it is increasingly more organized, in many cases operating much like legitimate businesses, complete with organizational charts, C-level executives and even human resources departments.
A recent paper sponsored by the RAND Corporation's National Security Research Division, titled "Markets for Cybercrime Tools and Stolen Data," said the increasing size and complexity of cybercrime black markets is because the hacker market, "once a varied landscape of discrete, ad hoc networks of individuals initially motivated by little more than ego and notoriety, has emerged as a playground of financially driven, highly organized, and sophisticated groups."
Author and global security strategist Marc Goodman, in a recent interview, said the old image of a hacker was, "17-year-old kids living in their parents' basements. Today, the average age of a cyber criminal is 35, and 80% of black-hat (e.g., criminal) hackers are affiliated with organized crime.
"In other words, people are choosing this as a profession," he said. "That's a radical shift, and it's led to the creation of increasingly sophisticated criminal organizations that operate with the professionalism, discipline, and structure of legitimate enterprises."
That 80% figure is a matter of some dispute. Goodman was citing the RAND paper, which included a caveat by noting that another estimate is that only 20% of the cybercrime market is operated by criminal organizations, while 70% is "individuals or small groups."
But according to Marty Lindner, principal engineer in the CERT division of the Carnegie Mellon University Software Engineering Institute, it doesn't make all that much difference to the defenders of networks if their attackers are organized criminals or ad hoc freelancers.
"The (good) guys in the trenches don't really care," he said. "Organized or not, they're all using the same tools. That's one of the more interesting parts of the malicious side of all this -- the organized guys buy the same stuff the disorganized guys do."
Sign up for CIO Asia eNewsletters.