Nicolae Popescu was born in the small city of Alexandria, a two-hour bus ride south of Bucharest. After organising a digital scam to sell hundreds of fictitious cars on eBay, and pocketing $3 million, he was arrested in 2010 but eventually was released on a technicality. He is currently a fugitive from justice and the American reward for any information leading to his capture is $1 million.
While Popescu occupies a prominent place on the FBI’s ‘Cyber’s Most Wanted List’, he is just one of a number of high-profile cybercriminals hailing from Romania. In common with numerous other Romanians in this business, his expertise is ‘online auction fraud’. This form of activity began largely with the exploitation of eBay customers, but has now migrated to other platforms as well. It is built around the sale or rental of fictitious goods and services. This type of activity might seem unsophisticated, but it can net the fraudsters millions a year and has spawned a cottage industry. What is essential to note is the local nature of this industry: many offenders are known to each other and work together in person.
This often-overlooked local dimension of the phenomenon is not a strong feature of the academic literature or the popular press, which conventionally see cybercrime as a largely anonymous activity that exists in cyberspace. This leads to a sense that shadowy attackers could strike from anywhere at any moment: a new type of threat that challenges existing paradigms of crime and policing. In contrast, we believe the supposed anonymity of cybercrime should be counteracted by studying both the individuals behind cybercrime and the offline worlds they inhabit. It is vital to acknowledge that all cyber-attacks stem from a person who physically exists in a certain location. The economic and social dynamics of different settings are likely to variously influence who gets involved in cybercrime, what types of cybercrime they carry out, and the way they are organised.
Applying this approach to the case of Romania—a leading cybercrime hub—we explored the offline and local dimension of cybercrime in this country. Our interviews with law enforcement, security professionals, and others suggested that understanding the specifics of the Romanian context is vital to comprehending the nature of cybercrime there and how it emerged. Important factors appeared to include the technical legacy of communism; a lack of economic development; and widespread corruption/protection. These elements should be understood at both national and regional levels.
“It is vital to acknowledge that all cyber-attacks stem from a person who physically exists in a certain location.”
The Romanian case suggests that cybercrime can thrive thanks to offline social networks. In particular, this type of Romanian online fraud was centred around some key geographical hubs, such as the town of Râmnicu Vâlcea (sometimes colloquially known in the media as Hackerville, but a more accurate title would be Fraudville). In such places, cybercriminals often choose to work with those who are from the same school, neighbourhood, or have other connections. Trust seems to be enhanced in these cases and newcomers can then learn the trade. The second way in which social networks enhance cybercrime is through protection. In places where the local institutions are weak and corruption is widespread, cybercriminals make payments to corrupt officials or rely on influential acquaintances in their circle to protect them from arrest.
A number of these points do not relate only to the case of Romania, but also cybercrime in the West and many other jurisdictions. The offline/local dimension of cybercrime appears across both hi-tech and low-tech offenders as well, and mirrors broader debates on the nature of organised crime. It particularly supports arguments that organised criminal enterprises are often much more local in nature than people realise.
While the victims can be thousands of kilometres away and surely need to be vigilant, cybercrime also needs to be tackled in the places where it originates. The Romanian example potentially offers a way forward. After the country, and specific locations within it, were noticed as a major cyber fraud hub, both Romania and others have taken action. Successful relationships have been developed with foreign law enforcement agencies and companies. Manpower and resources have been allocated to the problem, including locating investigators on the ground. Training programmes have been run to increase law enforcement and prosecutorial capacity in this area. The effectiveness of these approaches would benefit from greater study and assessment, not only to evaluate how successful they have been in Romania, but also how they might be adapted successfully to other jurisdictions. The countries where the victims reside cannot win this fight alone. But the countries producing large amounts of cybercrime, also need assistance in carrying out this fight on the ground.
Featured image credit: Spyware, Cyber, Cybercrime by Macedo_Media. CC0 public domain via Pixabay.