Page 47 - Cyber Warnings
P. 47
Cut their risk. Criminal enterprises want to lower their operational risk, the same as any
other organization. So they use tools such as Tor to gain anonymity and encryption to
protect their transmissions from prying eyes, competitors, law enforcement or
intelligence agencies.
Moreover, widespread remote access enables them to manage multiple operations
remotely, sparing them from an onsite presence that exposes them to greater risk.
Increase efficiency. Regular enterprises use economies of scale and scope to reach a
large number of customers. Hackers use the same to contact a greater number of
victims and boost the quality of information they attain.
Exploit social intelligence. Recruiters uses social media to gain background on job
candidates. Criminals use it to gather intelligence about their targets.
Benefit from contractor competition. Criminals gain by hiring team members and
business partners from a global pool of specialists, who vie with each other for their
business.
Bank online. Online transactions make it easier to transfer wealth between jurisdictions
using hard-to-trace cryptocurrencies.
Offer crime as a service. Market specialization exists in cybercrime, from botnet rentals
to services for hire. Criminals can buy or design custom malware solutions tailored to
their desires and needs.
Cybercriminals locate the preceding products and services in much the same manner as do
consumers. They go online and look for them among plenty of options.
Gray and black marketplaces hawk malware, DDoS botnets, ransomware kits, malware-as-a-
service (delivered from a cloud-based platform), and stolen data are all for sale somewhere.
Like any laissez-faire market, these shadow economies have set prices for specific pieces of
data: a Social Security, credit card or bank account number all command different prices.
Many private citizens don’t prioritize hardened security on home computers, assuming that they
have nothing of valuable to hackers. They are mistaken. Just like in any economy, if a
commodity has value and can be commoditized, it will be.
Even those who don’t keep any sensitive data on their machine may find that it can still be
remotely seized and used for a rogues’ gallery of purposes.
47 Cyber Warnings E-Magazine – September 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
