Money flow model in shadow information economics

Abstract. This paper aims to research the money flows in shadow information economics from a botnet owner’s point of view: main expenses and profit routs are analyzed.

Introduction. The negative impact of shadow information economic cannot be questioned. Estimates show that damage done to economy is tremendous and tends to rise every year. Shadow information economics is defined as all the criminal and illegal activity related to information technologies.

The main components of the model are as follows:
• Counteraction (law enforcement) – this category includes all the expenses related to avoiding detection and potential losses in case the botnet was detected, or the malefactor was caught. Legislation and law enforcement are usually the main sources of botnet counteraction, although software and hardware protection like anti-viruses, firewalls are an option as well.

• Research and analysis (the market for ideas) – this category includes all the research related to the vulnerabilities in the most wide-spread software and hardware, research related to law shortcomings, and market research. Malefactors usually buy the results of such researches, spending considerable amounts of money, or research by themselves, spending considerable amounts of time.

• Development – this stage usually encompasses the transformation of the vulnerabilities acquired earlier into malicious software that will be deployed to victim devices in order to gain profit later. Profit may be gained from victims’ personal data, their devices’ computing power, etc.

• Money laundering – a service targeted at legalizing of the profit acquired in the shadow domain of information economics. It is important to note that money can be laundered both in the information domain as well as outside of it. Usually this service is provided in exchange for a part of acquired profit.

• Pay-per-install – is a service that consists of malware installation on a victim’s device. This method is extremely effective due to its versatility: there is no need to incorporate infection mechanisms into every piece of malware, thus greatly reducing research, development and testing costs.

• Command and control – this group of expenses includes hardware costs, command channels upkeep costs, internet service costs, electricity, search, creation and upkeep of proxy servers.

• Victims – this category includes both legal and natural persons, and government structures whose devices were infected, personal or confidential data stolen, or who have otherwise fallen a victim to shadow information economics.

More: Money flow model in shadow information economics