A perfect time for cyber crime
TK Keanini, CTO, Lancope, Inc.
Criminals have been around since the beginning of time, but cyber crime is new to the information age. It used to be that cyber criminals needed skills at all stages of the attack: reconnaissance, exploitation, evasion, etc. That was until about five years ago when black markets opened up with an effective currency that allowed hackers to sell their merchandise. The supply and demand sides of these markets are booming, and it is time we pay attention.
On the supply side, skilled hackers can package up and sell top-grade exploits, exploit distribution networks, denial-of-service attacks, evasion packaging, ransomware capabilities, stolen credentials and so on for top dollar. On the demand side, criminals no longer have to be experts in everything. In fact, they could just be criminals and, with minimal computer skills, purchase everything they need to launch a successful cyber attack. "Add to cart" all the components and capabilities of the attack and off they go to compromise targets and make money.
This marketplace would have happened earlier, but two things needed to become widely available first. One was a network infrastructure that could let cyber criminals operate under the radar, and the other was a currency that would let them conduct commerce anonymously: these are the TOR network and Bitcoin, respectively.
The TOR network describes itself as a “free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.” Users running the TOR software are "hidden" and can conduct all kinds of activity under the radar. Sometimes called Darknet Markets, these marketplaces offer their services on the TOR network so they too remain "hidden" to the normal internet. The TOR network, intended or not, meets critical networking requirements for the rapid expansion of criminal activity.
Bitcoin is a virtual currency (aka cryptocurrency) with no central authority and no governmental support, yet it thrives in the digital realm, bypassing the impediments of legal tender. Until cryptocurrency, ransom types of criminal activities were underdeveloped mainly because the money trail caused too much risk to the assailants. Leveraging strong cryptography, Bitcoin delivers on all of the requirements for these criminals. The sudden surge in the ransom form of attacks like Cryptolocker is directly associated with the capabilities of cryptocurrency as payment.
Cryptocurrency is also slowly making its way to the fringe of digital retail. Online retailer Overstock.com recently announced support for Bitcoin, and in the first day, reported $126,000 USD from 800 Bitcoin transactions. This is tiny when compared to the volume of Bitcoin transactions in the Darknets. With Bitcoins in hand, criminals can buy their way into being incredibly effective cyber swindlers.These miscreants are making billions, and in short order, are trending toward trillions. Until this number flattens out or starts to trend downward, your likelihood of experiencing multiple incidents per quarter is extremely high, particularly if you are “interesting” to criminals. This situation will only get worse as more businesses and individuals put their data and lives on the internet. An explosion of criminals, thriving and robust marketplaces where they can purchase cyber capabilities, and an abundance of victims will unfortunately soon lead to a never-before-seen growth in cyber crime.