Categories: SecurityWorkspace

Cyber Crime Industry Runs Its Own Marketing, Recruitment And Customer Service

Researchers have warned that cyber crime is growing into a financially driven industry with close ties to the offline criminal underworld.

A study conducted by the US non-profit think tank RAND on behalf of Juniper Networks suggests that today’s professional cyber criminals are much more organised and better equipped than the idealistic hackers who were breaking into corporate databases a decade ago. They run their own communication networks, online black markets, recruitment campaigns and even offer customer support.

In other words, the cyber crime world is mirroring the innovation and growth seen in the free markets.

Mark Quartermaine, area VP for the UK and Ireland at Juniper Networks, told TechWeek Europe that in order to remain safe, businesses need to shift their protection from ‘passive’ to ‘active’, using tools that can identify not just the type of malware or service the attackers use, but also the attackers themselves.

He also suggested that, as large corporations invest millions in their network security over the coming years, small and medium businesses will present a more tempting target for cyber crime.

Major profits

According to the report, entitled “Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar”, the black markets for malware and illegal online services have reached unprecedented levels of maturity and growth, to the point where they become more profitable than the trade in illegal drugs.

Today, credit card information and exploit kits can be bought freely online through professional-looking storefronts that accept a wide variety of virtual currencies and earn their owners millions. But it doesn’t stop with goods – criminal services are also available for purchase, with Distributed Denial of Service (DDoS) attacks costing as little as $50 for a 24-hour assault on a target website.

The cyber criminals are not afraid to advertise their wares out in the open, something TechWeek Europe has learned first-hand. In the last 12 months, we have been repeatedly approached by the owners of buyddos.com – a website which claims to offer “professional DDoS services” and runs offers like “buy three months of DDoS, and get one month free”.

According to the study, some cyber crime organisations can ‘employ’ as many as 80,000 people, and it takes time and personal connections to move up the command chain. RAND found that many parts of the cyber black market are well structured, governed and have a set of rules similar to a constitution. People who scam their colleagues, otherwise known as ‘rippers’, are dealt with internally.

The report highlights that information for aspiring hackers is widely available online, including instructions for exploit kits and where to buy credit cards. It goes on to suggest that free access to training has accelerated sophistication and helped facilitate an evolutionary leap in the hacker economy.

In terms of regional differences, RAND found that malware developers from Russia are known for high quality of their work, while cyber criminals from China specialise in hunting for valuable intellectual property. Most Vietnamese criminal groups focus on e-commerce, and attacking banks has emerged as a popular pastime in Eastern Europe.

“We must address the root cause behind the accelerated maturation of the cyber-crime market – the very economics that drive its success,” commented Nawaf Bitar, SVP and general manager for the security business at Juniper Networks.

“By disrupting the economics of hacking we can break the value chains that drive successful attacks. We must never lose the moral high ground, however, so we cannot go on the offensive and hack back, but we can no longer remain passive. By using forms of active defence such as intrusion deception we can identify, thwart and frustrate attackers. Active defence is a promising and exciting approach for addressing the rapidly evolving threat landscape.”

How well do you know Internet security? Try our quiz and find out!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

Meta To Spend $10 Billion On Largest Data Centre To Date

Facebook parent confirms its 23rd data centre in the US will be located in Louisiana,…

12 hours ago

Musk’s Neuralink Animal Lab Cited For ‘Objectionable Conditions’

Federal regulator reportedly cites animal lab at Elon Musk's Neuralink for “objectionable conditions or practices”

15 hours ago

Trump Nominates Cryptocurrency Advocate Paul Atkins As SEC Chair

President-elect Donald Trump nominates a new chairman to head the SEC, who is a noted…

17 hours ago

CMA Clears Vodafone, Three Merger After Price Promise

UK regulator approves Vodafone, Three merger, after receiving commitments over price, network, and virtual mobile…

18 hours ago

Amazon Sued For Halting Deliveries To Two Black Neighbourhoods

District of Columbia sues Amazon, alleging it secretly stopped fastest delivery service to two predominantly…

20 hours ago

Bitcoin Surges Past $100,000 For First Time, Amid Trump Optimism

Crypto optimism under Trump's presidency, pushes the price of Bitcoin past $100,000 for the first…

21 hours ago