«
»

Cybercrime As A Service

Posted by spoofy on March 29, 2010 – 3:47 am      
Filed under General, Media

I think everyone has heard by now that Albert Gonzalez , one of the 11 hackers involved in the Heartland breach, received a 20 year sentence for his role in the crime.  Mr. Gonzalez called his operation “Get Rich or Die Trying” and to be frank he did get rich, at least far richer than most security professionals in the industry.

To give you an idea of the type of wealth we are talking about here, Albert spent $75,000 on his birthday party and often complained that his money counting machines often broke. At the time of his arrest, the Feds seized over $1 Million in assets.  That doesn’t include the $1.65 Million buried in one of the most original places known to man, his back yard.  Maksym Yastremski, one of Gonzalez’s partners, made over $11 Million from 2004-2006.  After looking at the numbers, I could not help to wonder how profitable Cybercrime As A Service would be?

The current estimate is that 153 million card numbers were stolen as part of the breaches at TJ Maxx, OfficeMax, Heartland; and a few others. The people at Kaspersky Lab’s say that card numbers sell for $2-6 USD.  If we pick a number right in the middle (4) that would be $612 Million if you assume all cards were sold. Like any other business, these guys have overhead and various other expenses.  Also, not all members of the ‘gang’ were paid equally.  Some guys, like Stephan Watt, did not even participate but merely provided a sniffer to Albert for a fee. They even had a guy (Humza Zaman) to launder the money who was also paid for his time. Out of the 11 people listed in the case, only 4 had active roles in the actual hacking.  So we cannot assume each person was paid equally.  Either way, it works out to a fairly nice sum of money for a few years work.  Moreover, there is not a single Security company today that has had such explosive revenue growth during their first few years in business.

They now even have cloud-based providers who effectively act as online brokers for stolen credit card information.  So investors get your checkbooks ready, because Cybercrime just might be the next Twitter!

Comments RSS Feed   Post a comment   Trackback URL   Share on Twitter   Share on Facebook

2 Comments

  1. hm says:
    March 30, 2010 at 7:53 am

    “…it works out to a fairly nice sum of money for a few years work…”
    Did you forget about 20 years in prison and seizing the assets?

  2. spoofy says:
    April 1, 2010 at 2:52 pm

    That’s a good point, the tax rate for criminal organizations is 100%

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*