The very benefits of the Internet make it susceptible to being used against individuals, organizations, and states. The changing role of organized crime in a networked society demands understanding the risks involved when using new technologies. Misha Glenny, author of McMafia: Journey through the Global Criminal Underworld, explores the transitions and rapid expansion of what he calls the "global shadow economy," which today accounts for approximately 15 to 20 percent of the world's GDP. (1) According to Glenny, the great danger of cybercrime is the high risk of potentially affecting a large part of the world that is linked to the web and that finds significant value in its interconnectedness. In this interview, conducted by Ronald Davis of the Journal, Misha Glenny exposes the inherent problems associated with the nature of the Internet with respect to organized crime.
The Journal of International Affairs: Are there certain aspects of communication and globalization that have changed transnational organized crime today? How complex is the developing relationship between cyber and traditional transnational organized crime?
Misha Glenny: Cybercrime emerged outside of the regions of traditional organized crime because cybercrime requires different skill sets than traditional organized crime. Few organized criminals in the 1990s and early 2000s had any of those skills, nor were they alert to the possibilities of cyber. The tools you require for cybercrime basically include the ability to adapt very quickly to technology or know somebody close to you who possess those skills. Many tended to be young people who lived in areas with high levels of criminality, not necessarily traditionally, but because of the transition that the economies they were living in were going through at that time. That, in particular, explains the high level of cyber criminality in the former Soviet Union and in parts of Eastern Europe. These young people with hacking skills were not necessarily from the criminal milieu.
There are two fundamental skills you need for cybercrime. One is hacking skills, with which you can explore data from computers, and the other is social engineering. The latter involves persuading people to do things with their computer that are not objectively in their interest, such as giving up data or clicking on links that lead to the download of malware, thus compromising their privacy and security. The skills involved in social engineering and hacking are very different skills. The people who have these skills, whether separately or combined, tend to be young people who spend a lot of time on computers, and statistically are 95 percent male. Most forms of crime have a gender split, hovering around 80 percent male to 20 percent female. So cybercrime is very gender specific.
In the case of traditional organized crime, in order to protect markets, criminals need to have the ability to deploy violence or at least credibly threaten the deployment of violence. That is entirely absent in the cyber world. You can commit a crime and commission it in one place, and the crime can be perpetrated against someone several thousand miles away from where you actually derive the benefit of the crime. For example, you could hack someone's account in California from Kazakhstan and retrieve the money in Dubai without anyone realizing that it is going on. So there is no need for violence, and you don't need to protect yourself from the violence that is deployed by competing gangs as you do in traditional organized crime. Ultimately, cybercrime and traditional organized crime use different types of skills and tools to carry them out.
Journal: Although "cyber" inherently means operating virtually from practically anywhere, what characteristics make certain places function as hubs for cybercrime today? Are these clusters regional or global, and how are they formed?
Glenny: We saw countries incubate cyber regions in the late 1990s and in the first decade of this century. …