The business of organised cybercrime
TEAM leader, network administrator, data miner, money specialist. These are just some of the roles making a difference at today’s enterprises. The same is also true for sophisticated cybergangs.
“Many still wrongly believe that the dark web is exclusively inhabited by hoodie-clad teenagers and legions of disaffected disruptors.
“The truth is, the average hacker is just a cog in a complex ecosystem more akin to that of a corporate enterprise. The only difference is the endgame, which is usually to cause reputational or financial damage to governments, businesses and consumers,” said Simon McCullough, channel account manager at F5 Networks.
He said there was no way around it – cybercrime was now run like an industry with multiple levels of deceit shielding those at the top from capture. “Therefore, it’s more important than ever for businesses to re-evaluate cybercriminal perceptions and ensure effective protective measures are in place.”
McCullough said cybergangs as a collective were often structured like legitimate businesses, including partner networks, resellers and vendors.
Some, he said, had even set up call centres to field interactions with ransomware victims.
“Meanwhile, entry-level hackers across the world are embarking on career development journeys of sorts, enjoying opportunities to learn and develop skills. This includes the ability to write their own tools or enhance the capabilities of others.”
He said that in many ways, it was a similar path to that of an intern.
“They often become part of sophisticated groups or operations once their abilities reach a certain level. Indeed, a large proportion of hackers are relatively new entrants to the cybercrime game and still use low-level tools to wreak havoc. This breed of cybercriminal isn’t always widely feared by big corporations. They should be.”
How cybergangs are using technology to work smarter and cheaper
Cybergangs often work remotely across widely dispersed geographies, which makes them tricky to detect and deal with. The nature of these structures also means that cyber attacks are becoming more automated, rapid and cost-effective.
The costs and risks are further reduced when factoring in the fluidity and inherent anonymity of cryptocurrencies and the dark web.
The industry has become so robust that hackers can even source work on each link in an attack chain at an affordable rate. Each link is anonymous to other threat actors in the chain to vastly reduce the risk of detection.
Why cybersecurity mindsets must change
IT teams globally have been lecturing staff for years on the importance of creating different passwords. Overall, the message is not resonating enough.
To combat the issue, businesses need to consider alternative tactics such as password manager applications, as well as ensuring that continuous security training is available and compulsory for all staff.
Cybergangs use many different methods to cause chaos, making it increasingly difficult to identify attacks in a timely manner. Businesses are often ignorant about the size of attacks, the scope of what has been affected and the scale of the operation behind them.
“You are operating in the dark without doing the utmost to know your enemy. Failing to do so will continue to put information, staff and customers at risk by allowing cybergangs to operate in the shadows,” said McCullough.