Criminal enterprises as enterprises.

Trend Micro yesterday released a report discussing the variances in criminal group behavior based on their sizes. The researchers share that knowledge of the size of a criminal organization can aid in the discovery of cybercrime.

Small criminal enterprises.

The report shares that small criminal businesses are typically comprised of 1 to 5 staff members, a single layer of management personnel, and a turnover of under $500,000. In smaller criminal businesses, the positions held within the group usually are not the only positions held by the participating members. The report shares that the members of these groups usually also have a day job. Most cyber criminal businesses often fit into the small criminal business category.

Medium-sized criminal groups.

Mid-sized businesses tend to have between six and 49 employees, two layers of management, and upwards of $50 million in turnover annually. These businesses tend to be structured like pyramids, with one person usually in charge.

Large cybercriminal businesses.

Large businesses usually have three management layers, as well as 50 or more employees and more than $50 million annually. Lower management and supervisory management are king in these businesses, with the overarching leadership well-versed in cybercrime. The larger cybercriminal businesses that fit into this category (such as Conti), tend to be run like corporations, containing even departments, such as IT and HR, with benefits and performance reviews like that of a legitimate business.