Government

10 jobs within cybercrime organizations

From coders and hackers to cashers and money mules, the FBI outlines the 10 specialized positions found in cybercrime organizations.

Just as doctors specialize in a particular field of medicine, cybercriminals often focus on a single area of technical crime, according to Steven R. Chabinsky, FBI Deputy Assistant Director, Cyber Division. During his keynote address at the GovSec/FOSE Conference in Washington, D.C. last March, Chabinsky outlined 10 specializations the FBI typically sees within the world of cyber crime.

They are:

  1. Coders or programmers: "who write the malware, exploits, and other tools necessary to commit the crime;"
  2. Distributors or vendors: "who trade and sell stolen data, and act as vouchers of the goods provided by the other specialties;"
  3. Techies: "who maintain the criminal infrastructure, including servers, bulletproof ISPs, and encryption; and who often have knowledge of common database languages and SQL servers of course;"
  4. Hackers: "who search for and exploit application, system, and network vulnerabilities to gain administrator or payroll access;"
  5. Fraudsters: "who create and deploy social engineering schemes, including phishing, spamming, and domain squatting;"
  6. Hosters: "who provide "safe" hosting of illicit content servers and sites, often through elaborate botnet and proxy networks;"
  7. Cashers: "who control drop accounts and provide those names and accounts to other criminals for a fee, and who also typically control full rings of our eighth category, money mules;"
  8. Money mules: who complete "money transfers or wire transfers between bank accounts;"
  9. Tellers: "who help with transferring and laundering illicit proceeds through digital currency services and between different world currencies;"
  10. Leaders: "They're the "people-people." They choose the targets; choose the people they want to work each role; decide who does what, when, and where; and take care of personnel and payment issues." Many according to Chabinsky don't have any technical skills.

For a more in-depth explanation of each specialization, you can read the complete text of Chabinsky's keynote on the FBI Web site.

About

Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...

38 comments
seanferd
seanferd

I'm a freedom-fighter hacktivist! I'm just not a "good fit" with such organizations. :p

RayJeff
RayJeff

being 3 of the 10. Numbers 1,3 & 4. Hey..can't help it. A several of my jobs, I had to be proficient at several skills :D

Popsprice
Popsprice

The next time you do an article on PCs or Macs will you ask your readers if they would rather be a Bill or a Steve? The characters you described are just criminals and should spend time in prison with bank robbers and murderers. Why would anyone want to emulate them?

AceNewsService
AceNewsService

I would not become a cybercrime hacker or anything of that type as l try to protect people onthe web by putting a lot of security alerts on my blog and help and guide people through security updates.

NickNielsen
NickNielsen

I'd be the techie. Glad it's hypothetical. I couldn't knowingly work in such an environment.

jkameleon
jkameleon

Dilbertization is just a question of time.

moktarino
moktarino

I'd be the Sysadmin/helpdesk. "No... no.. no don't click on anything until I tell you to... ok, let's go back to start... no, I didn't say 'all programs', I didn't say anything except 'Start'. Ok, now click 'Control Panel'... no, don't go into 'internet options'... listen, if you keep going ahead of me you can call back after I've had a beer to calm down. I don't care how many valid credit card numbers you're sitting on, if you want your Outlook Address Book to work you're gonna have to do what I ask..."

Bill Detwiler
Bill Detwiler

From coders and hackers to cashers and money mules, the FBI outlines the 10 specialized positions found in cybercrime organizations. Check them out in my blog post: http://blogs.techrepublic.com.com/itdojo/?p=1632 This list go me thinking. Which of these cybercrime specializations gains the most "respect" with the IT crowd. And, which type of cyercriminal would most techies want to be. Movies and television often focus on the "hacker," but there's a lot more to the world of cybercrime. Important note: Before anyone gets bent out of shape, my question is purely hypothetical and not intended to encourage criminal activity. Fraud, theft, and unauthorized computer access are serious offenses. Just ask Albert Gonzalez--ringleader of the TJX attacks who was recently sentenced to 20 years in prison.

JCitizen
JCitizen

I'd be too busy beating up on my fellow crackers for being criminals! Just can't turncoat myself; goes against my grain; just isn't happening! :p

harryolden
harryolden

There is still one here in perth west Australia who went missing about two years ago thy are still looking for him and there are still a few people sitting on hot coals keeping a low profile

JonGauntt
JonGauntt

Don't people read anymore? In his article, Criminal Mastermind Detwiler obviously states that he is quoting his source... "according to Steven R. Chabinsky" and even states what he does. How does this degenerate into a Bill/Steve debacle? Oh yeah, the failure of American Q. Publick and his ability to read before posting... heh heh Post out...

Bo Tym
Bo Tym

if you read the thread completely the question was posed as a hypothetical situation. Sometimes its fun to "pretend". Mind you, having 5 kids myself, the practice comes quite easily to me, as it apperantly does to others here. I'm not sure where I myself would fit in. If i had to guess, I think I would be a leader, as it most resembles my role here in the workplace. That and the guy who fixes the spreadsheets the others have so unskillfully mashed together, converted in to usable lists to ease the "payroll" or "accountants" job (while sneaking extra digits in to my personal pay-out cells ;-)

boomchuck1
boomchuck1

"I would not become a cybercrime hacker or anything of that type as l try to protect people onthe web by putting a lot of security alerts on my blog and help and guide people through security updates. " So, are you the one that keeps sending me all the warnings about the worst virus ever that will delete my hard drive and steal my dog?

NickHurley
NickHurley

I always figured that would be the one thing the organization wouldn't need, wouldn't the "leader" have contracted skilled operatives? If you were a system admin for Enron or other such organizations would that make you a cyber-criminal as well?

Economix
Economix

That's the best reply I've ever read on here and it's been a few years now. Perfectly executed narrative! Well done sir! Now go enjoy a beer yourself for those efforts.

HAL 9000
HAL 9000

Just been [b]Caught in the Act.[/b] ;) Or is that Dropping yourself in it from great heights? :^0 Col

tracy.walters
tracy.walters

...scamming us all along, Santee? Whoda thunk? :-)

jstinnett
jstinnett

I would make sure the job was in the Cyber-Criminals Local 88 before I got involved. Although these criminal organizations couldn't be any worse than the average corporate employer... :)

gueibor
gueibor

No job for me in crime then, I guess.

JCitizen
JCitizen

for all you reputable hackers out there that don't want to be associated with negative terms. Or criminal, a better definition. I know this is pointless to bring up with the way the public has been spoon fed these terms. I just feel the undeniable urge to say something.

AnsuGisalas
AnsuGisalas

... the undercover agent securing evidence for the bust of course!

V.H. Scarpacci
V.H. Scarpacci

In 2005 I read an ad for a 'Internet Researcher" and applied for this. I had been out of work for over 8 month by then and was applying for everything. I was called in for an interview. The place was in the basement of a city building and loaded with perhaps 60-80 PCs in racks. When the guy that interviewed me tried to explain what they did at this basement operation, one of the thing I was to do was 'collect e-mail address from websites' I exclaimed, "Oh, You're a spammer." He stammered and turn a brilliant shade of red. I never got a call back. I wonder why?

jck
jck

I make deposits, move things between accounts, etc. No one would EVER know. :^0

thegreenwizard1
thegreenwizard1

So if you don't know some one to do it. Just contact me. I'll be glad to help.

Economix
Economix

....seemingly the least amount of risk OR the most (dependent on the leader). A good leader wouldn't leave any trace besides a network of contacts who are seemingly involved. "YES, I know these people, BUT I don't know what they do in their free time." A good leader wouldn't micro-manage the individuals but rather let them run their talents and draw that pool of talents together to cash out. Seemingly simple. Now I just need 7 more of you to come up with proper roles and we'll get things rolling. First hack? TR! What's this? All their information is free anyway?!? Shit!

chriscampbellchr
chriscampbellchr

I don't accept that buzzword. "Cyber" is cheesy to say the least.

mafergus
mafergus

No way in hell I'd be the mule, those guys are everyone's biatches!

tracy.walters
tracy.walters

...Fatal System Error by Joseph Menn. Good read.

seanferd
seanferd

We've had several discussion here on why "cyber" is unnecessary, and even incorrect (and just plain lame). You get my vote.

JCitizen
JCitizen

need I say more? I definitely agree; crime is too good a term. Expletive-deleted? :p

Editor's Picks