I’ve now moved into the second chapter of Future Crimes by Marc Goodman which digs deeper into the escalating threat in the cyber realm. Goodman speaks to the vulnerability of critical infrastructure, such as trains and airports, to cyber threats. He unpacks a long list of examples where teenagers or seemingly amateur actors were able to hack and disrupt critical infrastructure systems. Later in the chapter, Goodman talks about terrorism and something he wrote really caught my attention.
“Terrorists seem to be getting the message, and both the 2004 Madrid bombings at the Atocha train station, in which 190 people were killed and nearly 2000 wounded, and the 7/7 London bombings, in which 52 civilians were slain and over 700 injured, were funded in whole or in part through hacking and credit card fraud.” – Goodman
That last part blew me away. The passages before this quote explained the growing accessibility to stolen money through “carding” or fraudulent cards and how there are large criminal networks that provide the stolen information to any one with the cash. I don’t think this chapter covered cryptocurrency or if there will be mentions later in the book, but that threat, in the same context, could have even greater impact.
All of this leads to the title of this article. If terrorist organizations and lone wolfs/rogue actors are funding part or all of their operations using stolen digital money online and the accessibility of this information is only growing, we can start to draw a line between the cyber and physical threat environment. The $1Bb hacks we’ve seen at Target and other large companies in the past may alarm us and make us temporarily protect our financial information, but average people neglect to ask where the money is going instead. What happens when, instead of having to purchase stolen information online to fund a terrorist operation, terrorist organizations have an embedded cyber capability that allows them to source stolen money on their own?
Read more about the inner workings of the Target hack here.
“As the technical hacking skills of terrorist organizations increase, so too does the amount of ill-gotten gains they are capable of generating online.” – Goodman
From what I understand, and I could be wrong, in the United States, financial crimes are left to the FBI for investigation. I also understand that after 9/11, counter terrorism has become the primary focus of the FBI. Its worth having a conversation about merging counter terrorism and cyber capabilities at the federal level. It’s likely that this capability is already being developed, but if a look at the private sector is any indicator, it isn’t happening fast enough.