In Part 1, we discussed the mounting threat posed by malware, which has grown in sophistication and scale over the past year, according to a Sophos Security Threat Report. But the increasingly covert nature of attackers is not the only factor behind the global proliferation of crimes.
Weak business authentication strategies also play a key role, as evidenced by a recent exposure of user passwords for a business that was carried out not through a direct attack on the site, but by exploiting the fact that customers used the same password for different sites, according to CBR. If businesses required customers to use stronger authentication, this might not have occurred.
The breadth and depth of present-day malware attacks are likely apparent to most people who read the news. But what might not be as evident is the scale of criminality behind the incidents.
According to a report by the RAND Corporation, sponsored by Juniper Networks, cybercrime is as cohesive and strategic a criminal enterprise as any — and likely more profitable than most.
The Cybercrime Black Market is Perhaps Raking in More Money than Drugs
The report’s assertion that “in certain respects, the [cybercrime] black market can be more profitable than the illegal drug trade” is as surprising as it is alarming. After all, one likely does not imagine hackers acting with the same force and law-eluding skill as major drug lords. And yet through a thorough examination of the structure of the black market for cybercrime, RAND uncovered a criminal network of significant complexity and scale. The primary difference between cybercrime and any other crime is that it does not need an operational base. Because it exists in the virtual sphere, it can and does operate around the world. The scattered nature of the market makes it very difficult to track.
A Rigidly Hierarchical Structure That is Hard to Trace — and Harder to Breach
The report pointed out that, despite being scattered, the black market is able to retain a chain of command that is very difficult to penetrate. At the bottom of this chain are the mules, a group that represents an easy entry point into taking down cybercriminals. That is because unlike the hackers themselves, the mules are largely unskilled, and the work they do is outside the tech sphere. For instance, a mule would come into play if hackers breached an ATM and needed someone to physically pick up the cash. Another example would be a person who mails out money that was acquired through a hack.
Unfortunately, though, even if a mule is caught, it is unlikely that authorities will be able to extract helpful information from him. That is because the top tier of the hacker enterprise — containing administrators and subject-matter experts — is very closely guarded, and mules are unlikely to have direct communication with any of these people. “Getting to the top tier and involved in high-level, sophisticated crimes still requires personal connections and a good reputation, especially for being trustworthy,” the report stated. Therefore, the hope of actually breaching an administrative hacking system by means of a mule informant is slim. This often leaves authorities scrambling in the dark in the wake of a breach, not really knowing where to turn.
Safeguarding Personal and Enterprise Identity to Protect Against Attack
A series of large-scale data breaches over the past year has demonstrated the ease with which identities can be stolen and taken advantage of. Unfortunately, authorities are often at a loss about where such attacks are coming from and how to prevent them. For this reason, it is necessary for all organizations to guard identities with strong authentication measures. Doing so may not defeat cybercrime, but it can protect end-users, and any involved institutions or enterprises, from feeling its impact.