04 Jan Commercialization of Cybercrime and what it means to your organization
Cybercrime is fast becoming a full-fledged commercial industry, operating very much like the software and IT services industry. This was not always the case.
Since the early days of the Internet, cybercriminals were perceived as individuals, working in dark basements at night, and only communicating with others like them when needing to exchange information. They were also perceived as deranged geniuses, using their extraordinary skills for malicious intent. Such individuals, it was thought, would hone their skills for many years until reaching the level of expertise required to hack into large organizations, and would never get caught.
Fast forward to 2016, and you will find this concept is no longer valid.
For starters, in many countries, the age of cybercriminals is relatively young and dropping.
The average age of cybercrime suspects in the UK, for example, has fallen to 17.
A recent publication by the country’s National Crime Agency (NCA) calls for educating parents “whose children may be involved in hacking or other kinds of cyber crime.” (http://www.nationalcrimeagency.gov.uk/news/765-campaign-targets-uk-s-youngest-cyber-criminals).
So much for the hardened cybercriminal image. Now we know the greatest threat to the teenage hacker is not the FBI locating his IP address, but mommy threatening to send him to his room with no dinner, because he didn’t complete his homework before hacking a bank or two…
Humor aside, this is only a symptom of how accessible hacking has become to anyone who’s computer literate.
If in the past the software code used for such activities was developed over long periods of time and used by a chosen few, today there’s a growing trend to monetize the hard work of malware creation by making it cheap and easy to use, and promising a quick return on investment (ROI).
In a nutshell, we are witnessing an “app-ization” of the cyber world, where hackers (read: software engineers) design easy-to-use malware (read: products), and sell these to the masses in underground markets (read: app stores).
And the end “product”? An easy-to-use piece of software, often with complete support packages.
So all a teenager really has to do is get his or her hands on such a piece and start experimenting. Getting it is easy enough. Darknet and other underground markets are easily accessible, and there’s now a wealth of crypto-currencies with which one can pay without using a credit card and drawing the police to his (or his parents’) home.
But why stop there? Why not copy an even more modern business model from the software world?
Why buy a piece of code (license) when you can simply rent the service upon demand?
Never ones to shy away from potential gains, cybercriminals have embraced the “as-a-service” business model, and offer just about everything, from DDoS services through ransomware to botnets, all available on demand with no prior knowledge or infrastructure needed.
Some of them don’t even require payment up front, only a 10% share of future profits (http://www.theregister.co.uk/2015/11/13/ransomwareasaservice_surfaces_wants_10_percent_profit_cut/).
You can even pay-per-install (PPI) or join affiliate programs that evolved from pushing adware to distributing malware.
So cybercrime has gone the route of every industry in the capitalist world, trying to maximize gains by every means possible, and in the process it has become much more accessible to novices.
What this means to your organization:
- There will be more cyberattacks – With more people using available tools and “firing in every direction” to get a quick gain, your organization is more likely than ever to be targeted, perhaps even repeatedly.
- You are fighting an asymmetric uphill battle – Not only are there more attackers than defenders, but the attack tools are also being developed, commercialized and distributed to the masses more rapidly than ever. That means that defensive systems will face not only more attacks, but also a greater variety of them.
- The knowledge asymmetry will increase as well – It’s much harder to defend against hackers. Simple off-the-shelf malware can take a long time to detect, and many years of experience to analyze and study.
- Every security mechanism that creates multiple false-positives will be dropped or used to a lesser extent – The sheer scale of the attacks will make false-positives (alarms that indicate malware detection when in fact the system has falsely identified a benign file) such a burden that organizations will forfeit the use of such a system in favor of more conclusive technologies.
To summarize, advances in technology coupled with a maturing (cybercrime) industry have led to a point where everyone with intent and minimal means can engage in cyber activities.
It is no longer a question of “if” and “how” your organization will be attacked, but rather of “how many times” and “with what attack tools.”
Organizations need to stop attacks at the earliest stages by equipping themselves with automatic, conclusive security solutions with minimal false-positives in order to stand a chance of fending off this onslaught.