[BreachExchange] Crime Has Become Cybercrime

Tue Sep 12 19:35:05 EDT 2017

https://www.cybersecurityintelligence.com/blog/crime-has-become-
cybercrime-2742.html

Cybercrime is in the headlines. - whether it is a ransomware attack, a huge
data breach, theft of intellectual property, or the unavailability of
service, ‘cyber’ is playing an increasingly important role for both
enterprises and individuals alike.

Nowadays, nearly all crimes have an element of cyber to them and we’re
seeing more ‘traditional’ criminals get into the cybercrime industry.

However, this isn’t just bandwagon jumping; there are actually some very
good reasons why the world of cyber makes a lot of sense to criminals.

Lowering Barriers to Entry

Go back ten years or so and ‘hacking’ knowledge was limited to a few select
individuals that understood technology. It wasn’t easy to find experts that
were willing to be “hackers for hire”, and for those new to the industry,
acquiring such skills wasn’t an easy task either.

However, in recent years, the barriers to entry have gotten significantly
lower due to a few key factors:

1. Availability of online marketplaces. Online marketplaces have become
commonplace and provide a convenient place where hackers for hire can
advertise their skills to bidders. These can encompass a broad range of
services such as DDoS attacks, botnets, and targeting of individuals or
businesses, as well as custom services.

2. As-a-service. Taking a cue from legitimate businesses, cybercriminals
are beginning to remodel their organizations for greater efficiency. This
has resulted in the rise of “cyber-crime-as-a-service”. For example, Petya
& Mischa ransomware-as-a-service (RaaS) was launched in July 2016. This
platform encourages distributors to generate high returns by enticing them
with the cybercrime equivalent of performance bonuses.

If distributors generate less than five bitcoins in a given week, then they
only earn 25% of the ransom paid. However, if the weekly payment is over
125 bitcoins, then they can potentially keep 85% of it. Through such
initiatives, the RaaS business model has proven to be highly lucrative, for
both the providers and the distributors, and there’s no sign that the these
operations will go away anytime soon.

3. The rise of cryptocurrency. The third leg of the stool is made up of
crypto currencies such as bitcoin, which allow payments to be made
anonymously. This allows cyber-crime service providers to sell their wares
easily, and also allows cyber-criminals to extort money from their victims
more effectively.

Profit and Loss

Another aspect contributing to the rise in cybercrime is the increase in
potential profits. The cyber-crime market is lucrative because of the
extent to which things have gone digital. Everything from finance, to
healthcare, to national infrastructure is connected in some way or another.
On top of this, the introduction of IoT and smart devices has resulted in
an explosion of connected devices, each of which presents a potential
money-making opportunity for a clever hacker.

The abundance of connected devices gives criminals an advantage because
there will always be unsecured, unpatched, or simply insecure targets.
Attacks can be targeted against particular businesses, or can
indiscriminately affect companies of all sizes and within all verticals.

There are also some cases where a criminal could potentially make as much
profit targeting individual consumers as they could from attacking large
enterprises. By targeting individuals, hackers further lower the bar to
entry, as no pre-qualification needs to be done on the target.

Key Takeaways

The growing number of criminals taking advantage of lucrative cyber
money-making opportunities will unfortunately only continue to grow.
Therefore, it is more important than ever that enterprises and individuals
take appropriate steps to protect themselves from cyber-attacks. Here are
few tips to bear in mind:

User education and awareness is the first, and arguably the most important,
line of defense. For example, knowing not to click on suspicious links
could prevent a potential infection entirely.
Segregating critical systems and assets is also a good defensive measure.
In the event that a user does click on a link, having segregated systems
will prevent infections from spreading.
Have robust detection and response controls in place, which are enhanced by
threat intelligence, is also critical so that infections can be detected
quickly and remedial action taken immediately to minimise impact.
Finally, the importance of backup processes cannot be forgotten or
neglected. If the worst does happen, it’s often better to wipe systems and
reinstall from a clean, trusted backup than try to fix the mess.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170912/9fb53c0f/attachment.html>