April 24, 2012 00:01 ET

Leading Russian Security Firm Group-IB Releases 2011 Report on Russian Cybercrime

Russian Mafia Organizes Russian Cybercrime Market Which Doubles in Size

MOSCOW--(Marketwire - Apr 24, 2012) - Group-IB, a leading Russian cybercrime investigation and computer forensics company and LETA Group subsidiary, today announced a 28-page report on the Russian cybercrime market in 2011. Analysts from Group-IB's computer forensics lab and its CERT-GIB unit prepared the report.

The report outlines the main risks associated with various types of hacker activities, analyzes the main trends in the development of the Russian cybercrime market, estimates the shares and the financial performance of the Russian segment of the global cybercrime market, and forecasts market trends for this year.

A summary infographic is available at and the report itself is available at

Key Trends in 2011:

  • Russian Cybercrime Doubles: The global cybercrime market was more than $12.5 billion in 2011. The global Russian speaking component of that market was more than $4 billion; and the Russian national cybercrime market was $2.3 billion, essentially doubling last year's number of $1.2 billion.

  • Mafia Professionalizes Russian Cybercrime: Traditional crime syndicates are beginning to organize the previously disorganized Russian cybercrime market. In addition, these crime syndicates are beginning to work more closely together, sharing compromised data, botnets, and cashing schemes.

  • Online Fraud and Spam Account for More than Half of Russian Cybercrime: In 2011, the largest type of Russian cybercrime was online fraud at $942 million; followed by spam at $830 million; cybercrime to cybercrime, or C2C (including services for anonymization and sale of traffic, exploits, malware, and loaders) at $230 million; and DDoS at $130 million.

  • Criminal profiles: In its report, Group-IB specialists and CERT-GIB analysts profile details of 5 cyber criminals caught in 2011: Vladislav Khorokhorin, Oleg Nikolayenko, Yevgeniy Anikin, Maksim Glotov, Andrey Sabelikov.

Group-IB suggests that Russian laws are critical in getting traction against the global Russian cybercrime market. Although Group-IB feels there has been progress with recent laws introduced by Russian President Dmitriy Medvedev and enacted by the Russian State Duma, these laws do not yet go far enough.

Steps For Reducing Russian Cybercrime:
The report recommends steps that will significantly improve the number of solved computer crimes, change the existing law enforcement practices, and establish proper international cooperation in this field. These recommendations include:

  • Clarify language of new laws: Amend the law with an additional conceptual apparatus related to issues of information security and information technologies. For example, the term "botnet" needs to be introduced, perhaps under a different name, which remains and will remain for the foreseeable future the main tool for committing the majority of cybercrimes. In addition, change the term "computer information" in the existing law, which does not fully reflect the nature of computer information, leading to possible incorrect interpretations of this term.

  • Increase penalties: Make the penalties for crimes committed using computer technologies more severe.

  • Update, amend and augment criminal procedures: Create more effective criminal procedures around gathering "digital evidence" such as describing the procedures and actions related to procuring, securing, and investigating; and creating a separate definition for the crime scene of a cybercrime and establish a specific place of investigation of such crimes.

  • Improve Law Enforcement: Organize federal and regional training programs for the judicial, prosecutorial, investigative, and law enforcement agencies, including seminars regarding the issues of cybercrime investigation.

  • Improve International Coordination: Develop a document for submission to the UN, establishing the principles of international interaction against cybercrime, while also respecting the sovereignty of the member states, as opposed to the Budapest Convention.

"The cybercrime market originating from Russia costs the global economy billions of dollars every year," said Ilya Sachkov, Group-IB's CEO. "Although the Russian government has take some very positive steps, we think it needs to go further by changing existing law enforcement practices, establishing proper international cooperation and ultimately improving the number of solved computer crimes."

About Group-IB:
Founded in 2003, Group-IB is an international company and the leader of the Russian cybercrime investigation market. Group-IB provides comprehensive cybercrime investigation services, from rapid incident response to post-incidental consulting. Group-IB's computer forensics and malware research lab provides independent computer forensic investigations and works with corporations, as well as Russian law enforcement agencies. Created on the basis of Group-IB, CERT-GIB is the first private emergency response team in Russia operating around the clock. Group-IB is part of LETA Group.

Contact Information