The majority of digital crime is co-ordinated and not the action of lone criminals, according to a study commissioned by Detica.
While 80 percent of electronic crime is being perpetrated by groups with varying degrees of organisation, only around five percent of online crime is being committed by traditional organised crime groups involved in mafia-like operations, report author Mike McGuire told ZDNet UK on Wednesday.
"Street crime groups or 'mafiosi' have started to use digital tools, and accounted for something like five percent [of online crime volume]," said McGuire. "There's not a huge amount of evidence for the mafia taking over the internet."
McGuire, a senior lecturer in criminology at London Metropolitan University, studied over 7,000 documents, including police reports, and found that a range of crime groups with varying degrees of competence and demographic make-up were operating. The report, Organised Crime in the Digital Age, looked at 500 criminal incidents, and found that just under half of online crimes were perpetrated by people over 35.
"We wanted to move away from the zero-sum [assumption that either] it's two kids and a dog in a bedroom sending out malware around the world, or it's the mafia," said McGuire.
Six types of online crime
An online executive summary of the report split online crime groups into six different types, ranging from 'Swarms' to 'Hierarchies'. 'Swarms' included groups with a structure similar to the Anonymous hacktivst collective: a decentralised structure with the group prone to spontaneous action. 'Hierarchies' included groups like the mafia, as well as governments engaged in legal variants of hacking.
Seventy percent of the criminal activity was perpetrated not by hacktivists, but by so-called 'hybrid' or 'hub' groups, said McGuire. This sector included black economy operations, such as small numbers of individuals clustered around specific activities such as making counterfeit credit cards from stolen data but with no central structure (hybrid groups), and more organised 'hubs' involving core criminal group members with a periphery of criminal associates, said McGuire.
In delineating crime groups, the report did not differentiate between the severity of the crimes involved, said McGuire. The term 'crime' included a wide range of activities, from the physical abduction of hackers and violent beatings to extract PIN codes, through to hacking and data theft to cause reputational damage.
In 2011, Detica brought out a public report that estimated the losses to the UK from cybercrime to be £27bn. Security experts criticised the report as being little more than a 'sales exercise' for Detica, pointing out that the UK authorities do not have concrete figures for online crime losses.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.