Most of this decrease, said Group-IB at a press conference at Ria-Novosti, Moscow, yesterday, comes from improved figures for internet fraud: down from $697 million to $615 million (with only phishing-based fraud bucking the trend and increasing from $55 million to $57 million).
Group-IB gives four main reasons for this improvement: the successful targeting and dismantling of criminal groups; improved interbank co-operation; better use of anti-fraud systems; and successful actions against botnets.
"The government’s crackdown on some of the most active cybercriminal groups is a key reason for the fall, Nikita Kislitsin, head of the botnet-monitoring department at international cybersecurity company Group-IB," writes RIA Novosti.
The company's associated report gives four examples of botnets shut down: Dragon, Grum, Slenfbot and Virut. Criminal groups 'dismantled' include the Carberp gang (8 members arrested in March 2012 by "the FSB and the Russian Ministry of Internal Affairs, assisted by Group-IB"), and the Hodprot gang. "On 5 June 2012, the organizer of the criminal group Germes alias Arashi was detained. At the time of his arrest, there were over 6 million computers in his botnet."
But the international nature of cybercrime remains a problem. "This Group-IB report, centered on empirical evidence gathered on Russian cyber crime, shows a global rise in cyber criminals using an array of methodologies to attack end user's online banking services," states Dan Clements, Group-IB's US Managing Partner. "The report also shows that these types of attacks are carried out by cyber gangs, some of which have been dismantled and some arrests have taken place."
He continued, "The report also shows that global cyber laws are still somewhat ambiguous and that that governments vary on cyber crime punishments. These issues provide a challenge for law enforcement and the financial sectors to work more closely in a transparent cross border effort to apprehend cyber criminals."
This call for greater international cooperation seems at odds with the recent Russian Foreign Ministry's warning to Russians to be wary of being 'kidnapped' by US law enforcement while traveling abroad - although this may be a temporary tit-for-tat attitude following Obama's cancellation of a visit to Russia, which in turn followed Russia's temporary asylum for Edward Snowden.
Other highlights of the report show an overall reduction of spam in Russia: only 'medical' spam has increased. DDoS attacks are also down. One area that has increased (although counter-intuitively it is still an improvement) is the cost of the criminal infrastructure; up from $230 million to $261 million. In effect, criminals are having to spend more to do what they do. "There was an increase in infrastructure spendings on botnets and malware distribution," says the report. "This trend is related to a general increase in the security level of client workstations and to the technological improvement of the software used."
The report doesn't show a huge improvement in the overall cybercrime market in Russia; but any improvement at all must be seen as a success.