Home / Blogs

Cigarette Smuggling and Cyber Security: Low-Tech Crimes Fund High-Tech Threats

You may not connect the cheap cigarettes sold under the counter (or out of a trunk, bodega or by a street vendor) with the mysterious charges on your credit card that you don’t remember making or the cash that has, somehow, just disappeared from your bank account. You also may not connect that website selling cheap cigarettes made in second and third world countries with Shellshock or whatever the fashionably scary cyber-threat of the day is when you’re reading this. But the Russian mafia and other Transnational Criminal Organizations and Foreign Terrorist Organizations understand the connections quite well. Criminals around the world know that tobacco trafficking is a lucrative, low risk way of raising cash that can be used to fund narcotics deals, arms smuggling, human trafficking and, more recently, the theft of credit card and banking data.

Stated simply, the same organizations which smuggle cigarettes also commit sophisticated cybercrimes ranging from identity theft to terrorism. Although hacking lore is filled with stories of kids who break into computer networks, major cybercrimes are committed by sophisticated criminals who often enjoy tacit or direct government support.

Federal law enforcement officials have long recognized that cigarette smuggling is used by various global crime organizations as a “starter” crime to raise seed money for other illicit activities. A decade ago the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) explained that “Russian, Armenian, Ukrainian, Chinese, Taiwanese, and Middle Eastern (mainly Pakistani, Lebanese, and Syrian) organized crime groups are highly involved in the trafficking of contraband and counterfeit cigarettes and counterfeit tax stamps for profit.”

The ATF further explained that “the funds received from the trafficking of illicit cigarettes, terrorist groups can purchase more arms, ammunition and explosives and use them against the United States and its interests, putting U.S. citizens at risk, as well as providing for a climate of fear around the world. Law enforcement intelligence, as well as credible open source information points to a definite benefit to terrorist groups from the illicit sale of tobacco.”

More recently, these tobacco trafficking organizations have expanded into cybercrimes. North Korea is one example of a state actor which 1) engages in the extensive counterfeiting and smuggling of cigarettes, and 2) poses a serious terrorist threat to America’s electrical grid. The Department of Energy-sponsored study which discusses the North Korean threat also cites China, the world’s largest producer of counterfeit cigarettes, as another actor posing a terrorist cyber-threat to the grid.

It’s not just groups known for their use modern technology that travel the cyber-road from tobacco trafficking to terrorism. For example, the group currently calling itself Islamic State not only smuggles cigarettes, they also received assistance from one of the world’s most notorious tobacco traffickers, and now pose a cyber-threat to US security. USCYBERCOM Commander Admiral Michael Rogers recently stated that the “U.S. needs to be prepared for digital attacks” from IS and other terrorist groups.

Cigarette smuggling has long been perceived by the public as a low priority concern and this has translated into cigarette smuggling being a relatively low priority for federal law enforcement authorities. This needs to change. Just as it’s now recognized that cybercrimes cause physical harms, so too it should to be recognized that superficially low-level crimes are funding high-tech threats. Thus, counter-smuggling enforcement actions should be integrated into the Comprehensive National Cybersecurity Initiative and eligible for receiving CNCI funds as it makes no sense to target a terrorist group’s cyber activities while ignoring the physical crimes that finance them.

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign