The International Association of Interbank Financial Communications (SWIFT) has published a new report focusing on how criminals launder money after a successful cyberattack.
Circumstances surrounding money laundering
According to the report, the amount of damage caused by cyber crime in one year is estimated to be 1.5 trillion dollars , which is a serious problem.
The cyber attacks focused on the report are attacks on high-value payment systems and many ATM control and management systems, such as physical attacks on individual ATMs, counterfeit cards, malware in banking systems, and business email. Attacks by takeover are not included.
At first glance, it seems that only a limited amount of money can be attacked against ATMs, but millions of dollars have been stolen through numerous attacks. And recently, the target of cyber attack is to shift from high-value payment systems to payment systems of ATMs and the administrative department that supports them.
The process of money laundering after a successful cyber attack can be roughly divided into the following three.
"Placement": Introduce illegal funds into the financial system
"Layering": Disguising and hiding the source and owner of funds through multiple transactions
"Integration": Reintroducing washed money into a legal economic system or reinvesting in criminal activity
At the time of "placement", it is the so-called "couriers" that supports cybercrime, which can be used to withdraw money from ATMs and to connect fraudulent activities and funds using accounts created in advance for the carrier.
The report notes that the process of layering using multiple stages is the most substantial part of money laundering.
In many cases, the funds withdrawn from ATMs tend to be first exchanged for US dollars at exchange offices. (There is also the possibility of accomplices at the money exchange office) And there was an example of using an intermediary to get funds to the criminals.
In addition, the establishment of a front company as a covert business, industries that handle high-value products such as gold and jewelry in cash, and cash businesses such as sports betting and casinos are often used for money laundering. Especially in some jurisdictions, casinos are being used as a good way of money laundering because they do not reveal their identities and no prize money is reported.
According to the report, the conventional method of using cash as described above is the mainstream of money laundering, and there are still few cases of using cryptocurrency.
However, SWIFT warns that not only hackers, but also concerns that cryptocurrencies will be used for money laundering. He pointed out that the highly anonymous cryptocurrency and cryptocurrency mixing services that make it impossible to identify the source of funds could lead to their use for malicious purposes.
Prepaid cryptocurrency cards also facilitate the exchange of cryptocurrency into fiat currency. Until now, it has been discovered that jewelery, cars, and real estate have been purchased with illegal funds by using Bitcoin prepaid cards.
He points out that there are easy-to-purchase sites around the world, from luxury watches and jewelry, art objects to real estate such as luxury penthouses and islands.