One overriding message will emerge from Europol’s Serious and Organised Crime Threat Assessment 2017 to be published this week: the Godfathers have finally gone digital. Drones, tracking devices, social engineering, hacking, encrypted communication have in a short space of time been added to the villain’s bag of tricks alongside the crowbar, the knuckle-duster and the gold chains.
This is a development that law enforcement agencies dealing with transnational organised crime around the world have been dreading. For much of the past 15 years, traditional organised crime and cyber crime have been two discrete branches of elite malfeasance.
For Europol, which acts as an information exchange for the EU’s 28 national police agencies, that is an immense challenge. Electorates continue to clamour for more police on foot patrol. But these days vast sums are required to keep up with the technological challenge from sophisticated organised crime gangs.
According to the SOCTA, Europol is now combating 5,000 international crime groups within the EU, 1,400 more than in 2013. But there are many others operating outside the territory while selling their illicit goods and services into the EU.
Less than a decade ago, a Swedish cyber criminal described how he had tried to interest his father’s organised crime operation in Malmö in online credit and debit card fraud.
“The returns were much higher and the risks much lower,” he explained to me, “but they just couldn’t get their heads round the technology. They preferred to stick with what they knew best — baseball bats, Semtex and stockings over their heads.”
His response hinted at the gulf that has kept apart old-style crime and the new world of criminal hackers: the use of violence. In the world of mafia organisations, if you cannot deploy or credibly threaten intimidation, you don’t make the starting grid. Violence is the sine qua non of traditional organised crime. But in cyber crime, the physical is not an issue: you can hatch a crime in Astana with your victim in LA while organising the cash-out in Dubai.
As a consequence, cyber crime has attracted perpetrators with a wholly different social profile from the hitmen of Sicily, the sicarios of Pablo Escobar or the fingerless enforcers of the yakuza. They often start very young. More experienced cyber criminals monitor the activity of youngsters with aptitude on the dark net and recruit them by gently enticing them into criminal activity — a process that begins before the young hacker has a developed moral compass.
The hackers and malware writers are often geeks with limited social skills and rarely any record of thuggery. Meanwhile, the front line of cyber crime is waged by people known as social engineers — modern confidence tricksters who persuade you to do things on your computer which you will later regret.
But now traditional organised crime has understood that embracing technology can lead to spectacular profits. In one court case in Brussels, a Dutch-Turkish group importing heroin from South America persuaded two techies to hack into the port of Antwerp and manipulate the unique nine-digit PIN numbers that every seagoing container is allotted. Using this they were able to digitally mark the containers with cocaine as having been customs cleared.
Europol anticipated this shift four years ago by establishing its cyber unit, EC3. But with encrypted communications, which are virtually unbreakable, now becoming the standard for crime groups, the revolution in technology is often seen as much as a curse as a benefit by law enforcement around the world.
The writer is author of ‘DarkMarket: How Hackers Became the New Mafia’
Copyright The Financial Times Limited . All rights reserved. Please don't copy articles from FT.com and redistribute by email or post to the web.