Black and gray markets for computer hacking tools, services and byproducts such as stolen credit card numbers continue to expand, creating an increasing threat to businesses, governments and individuals, according to a new RAND Corporation study.
One dramatic example is the December 2013 breach of retail giant Target, in which data from approximately 40 million credit cards and 70 million user accounts was hijacked. Within days, that data appeared — available for purchase — on black market websites.
“Hacking used to be an activity that was mainly carried out by individuals working alone, but over the last 15 years the world of hacking has become more organized and reliable,” said Lillian Ablon, lead author of the study and an information systems analyst at RAND, a nonprofit research organization. “In certain respects, cybercrime can be more lucrative and easier to carry out than the illegal drug trade.”
The growth in cybercrime has been assisted by sophisticated and specialized markets that freely deal in the tools and the spoils of cybercrime. These include items such as exploit kits (software tools that can help create, distribute, and manage attacks on systems), botnets (a group of compromised computers remotely controlled by a central authority that can be used to send spam or flood websites), as-a-service models (hacking for hire) and the fruits of cybercrime, including stolen credit card numbers and compromised hosts.
In the wake of several highly-publicized arrests and an increase in the ability of law enforcement to take down some markets, access to many of these black markets has become more restricted, with cybercriminals vetting potential partners before offering access to the upper levels. That said, once in, there is very low barrier to entry to participate and profit, according to the report.
RAND researchers conducted more than two dozen interviews with cybersecurity and related experts, including academics, security researchers, news reporters, security vendors and law enforcement officials. The study outlines the characteristics of the cybercrime black markets, with additional consideration given to botnets and their role in the black market, and “zero-day” vulnerabilities (software bugs that are unknown to vendors and without a software patch). Researchers also examine various projections and predictions for how the black market may evolve.
What makes these black markets notable is their resilience and sophistication, Ablon said. Even as consumers and businesses have fortified their activities in reaction to security threats, cybercriminals have adapted. An increase in law enforcement arrests has resulted in hackers going after bigger targets. More and more crimes have a digital component.
The RAND study says there will be more activity in “darknets,” more checking and vetting of participants, more use of crypto-currencies such as Bitcoin, greater anonymity capabilities in malware, and more attention to encrypting and protecting communications and transactions. Helped by such markets, the ability to attack will likely outpace the ability to defend.
Hyper-connectivity will create more points of presence for attack and exploitation so that crime increasingly will have a networked or cyber component, creating a wider range of opportunities for black markets. Exploitations of social networks and mobile devices will continue to grow. There will be more hacking-for-hire, as-a-service offerings and cybercrime brokers.
The Latest on: Hackers
via Google News
The Latest on: Hackers
- SolarWinds hackers nearly breached cybersecurity firm Palo Alto Networks — here's how it fended off disasteron January 21, 2021 at 12:44 pm
Palo Alto Networks used an AI tool to detect someone attempting to download malware on one of its servers, without realizing the scale of the hack.
- Bugs Allowed Hackers to Hijack Kindle Accounts With Malicious Ebookson January 21, 2021 at 9:36 am
The flaws that potentially allowed hackers to spend money using victims’ credit cards are now fixed. A series of vulnerabilities in Amazon's Kindle could have allowed hackers to take control of ...
- Hackers Accidentally Expose Passwords Stolen From Businesses On the Interneton January 21, 2021 at 3:06 am
Cybercriminals Mistakenly Expose Compromised Passwords On the Internet That Were Stolen During a Large-Scale Phishing Attack.
- Microsoft: This is how the sneaky SolarWinds hackers hid their onward attacks for so longon January 20, 2021 at 11:00 pm
The SolarWinds hackers put in "painstaking planning" to avoid being detected on the networks of hand-picked targets.
- Security firm Malwarebytes was infected by same hackers who hit SolarWindson January 20, 2021 at 12:14 pm
Security firm Malwarebytes said it was breached by the same nation-state-sponsored hackers who compromised a dozen or more US government agencies and private companies. The attackers are best known ...
- Suspected Russian Hackers Targeted Cyber Firm Malwarebyteson January 19, 2021 at 5:10 pm
Suspected Russian hackers targeted the cybersecurity company Malwarebytes Inc. in the course of a sprawling cyber-attack that breached U.S. government agencies and companies.
- SolarWinds hackers are expanding espionage data-gathering and gaining powerful access to Microsoft cloud apps, FireEye researchers sayon January 19, 2021 at 5:09 pm
The FireEye research team investigating the SolarWinds cyberattacks say they are seeing expanding data-gathering and Microsoft 365 access.
- Malwarebytes Hit by SolarWinds Hackers, But Only Internal Emails Were Accessedon January 19, 2021 at 1:34 pm
The antivirus provider says it examined its production systems for possible signs of tampering, but found nothing. 'Our software remains safe to use,' Malwarebytes adds.
- Cybersecurity firm: Booting hackers a complex choreon January 19, 2021 at 6:19 am
The cybersecurity firm that discovered a cyberespionage campaign that has badly shaken U.S. government agencies and the private sector says efforts to assess the impact and boot the intruders remain i ...
- The SolarWinds Hackers Used Tactics Other Groups Will Copyon January 19, 2021 at 6:08 am
The SolarWinds hackers used their access in many cases to infiltrate their victims' Microsoft 365 email services and Microsoft Azure Cloud infrastructure—both treasure troves of potentially sensitive ...
via Bing News