Categories: CyberCrimeSecurity

Hacking Is ‘One Of The Most Profitable Industries In The World’

Forget investment banking – it seems that if you really want to make big money in technology, making malware could be the best method.

A report released today revealed that attackers receive an estimated 1,425 percent return on investment for exploit kit and ransomware schemes, which trick users into paying hackers who have installed malicious software on their computers.

This is equivalent to £54,000 ($84,100) net revenue for just a £3,200 ($5,900) investment, according to security firm Trustwave.

Cheap as chips

Such an investment could consist of paying $3,000 for ransomware variant CTB-Locker and $500 to rent RIG, an exploit with a promised infection rate of 10 to 15 per cent, Trustwave’s 2015 Global Security Report found.

Purchasing access to compromised websites that will generate traffic of 20,000 users a day will set them back a further $1,800 a day, with a camouflage system to ensure the payload is not detectable by anti-virus solutions costs just $600.

Based on Trustwave estimates that 0.5 per cent of infected victims will pay a $300 ransom to free their units, this adds up to equivalent profits of over $90,000, without the criminals ever needing to write a single line of code.

Insecure

Weak remote access security and weak passwords tied as the vulnerability most exploited by criminals in 2014, the report found, with “Password1” shamefully found to be the most commonly used password.

Overall, 39 percent of passwords were eight characters long, which took Trustwave security testers around a day to crack. The company is recommending lengthier passwords, though, noting that the estimated time it takes to crack a ten-character password is 591 days.

Elsewhere in the report, Trustwave found that 98 percent of applications tested in 2014 had at least one vulnerability, as hackers increasingly targeted apps. The median number of vulnerabilities per application increased 43 percent in 2014 from the previous year, with one app found to be carrying a staggering 747 vulnerabilities.

Payment card track data (the numbers typically found on the back of a credit or debit card) was found to be the most popular target for attackers, comprising 31 percent of cases Trustwave investigators found.

Twenty percent of the time attackers sought either financial credentials or proprietary information (compared to 45 percent in 2013) meaning attackers shifted their focus back to payment card data.

“To defend against today’s sophisticated criminals, businesses must see attacks from their front windshield instead of their rear view mirror,” said Trustwave chairman, chief executive officer and president Robert J. McCullen.

“By providing a wealth of current, actionable data breach trends and threat intelligence, our 2015 Trustwave Global Security Report helps businesses identify what’s coming so that they can engage the people, processes and technologies needed to thwart cybercrime attacks that can generate close to a 1,500 return on investment.”

Are you a security pro? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

View Comments

  • 'revealed that attackers receive an estimated 1,425 percent return on investment'
    But it doesn't allow for time spent in jail if caught, a bit like saying mugging is a very profitable business, you only need to invest in a knife!

Recent Posts

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

16 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

17 hours ago

Europe’s Longest Hyperloop Test Track Opens

European Hyperloop Center in the Netherlands seeks to advance futuristic transport technology, despite US setbacks

17 hours ago

NHS Scotland Confirms Clinical Data Published By Ransomware Gang

NHS Dumfries and Galloway condemns ransomware gang for publishing patients clinical data after cyberattack earlier…

19 hours ago

Fewer People Using Twitter After Musk Takeover – Report

Research data suggests fewer people are using Elon Musk's X, but platform insists 250 million…

22 hours ago

Julian Assange Wins Temporary Reprieve For US Extradition Appeal

US assurances required. Julian Assange handed a slender reprieve in fight against his extradition to…

24 hours ago