Cybercrime as a business
How cybercriminals monetise their crimes.
By Rob Dawson, Technology Advisor at Myrtec
In today’s digital age, cybercrime has evolved into a sophisticated and lucrative industry. Understanding how cybercriminals monetise their crimes is crucial to safeguarding your assets and personal information.
THE BUSINESS OF CYBERCRIME
Cybercrime is no longer the domain of lone hackers operating from their basements. It has transformed into a well-organised industry with its own supply chains, marketplaces, and business models. Cybercriminals operate like legitimate businesses with specialised roles, hierarchies, and even customer service.
There are two primary ways in which cybercriminals monetise their crimes—indirectly and directly. Indirectly, cybercriminals monetise their activities through data breaches. They will first steal sensitive information such as customer data, financial records, and intellectual property. This stolen data is then sold on the dark web to other criminals who use it for identity theft, fraud, and other malicious activities which can be re-monetised.
An example of direct monetisation is ransomware attacks. Cybercriminals lock a victim’s data and demand a ransom in exchange for the key. Businesses and individuals often feel compelled to pay the ransom to regain access to their critical data, making ransomware a highly profitable venture for cybercriminals.
THE ECONOMICS OF CYBERCRIME
The cybercrime industry thrives on the principle of supply and demand. Stolen data, malware, and hacking tools are traded on underground marketplaces, where cybercriminals can buy and sell their goods. These marketplaces operate much like e-commerce platforms, complete with user reviews, ratings, and customer support.
The cost of launching a cyberattack has decreased significantly, thanks to the availability of “crime-as-a-service” offerings. For a relatively small fee, aspiring cybercriminals can purchase ready-made malware, exploit kits, and even hire hackers to carry out attacks on their behalf. This has lowered the barrier to entry, allowing more individuals to participate in cybercrime.
LOW SOPHISTICATION THREATS
Not all cybercriminals rely on advanced techniques. Many exploit low sophistication threats, such as scams and phishing attacks, to target individuals and businesses alike. These threats often involve tricking victims into divulging personal information or transferring money.
For example, phishing scams involve sending lookalike emails to steal login credentials or financial information, while phone scams use impersonation to extract sensitive information.
WHO IS AT RISK?
Something to understand about cybercrime is that it is broadly perpetrated by individuals and groups from less wealthy parts of the world. This is important because it means that just because you are not a big target doesn’t mean you won’t be targeted. The value of the money they are after is relative, and what seems small to us may not be so small to them. Being that the cost of entry to perpetrate crimes is reducing, it allows for fairly healthy margins, even when the stolen and monetised amounts aren’t that significant to you or your business.
This means that everyone is at risk from attempts from cybercriminals. Low sophistication attempts are generally done at scale, and we’re all prospective targets. Think of it like a sales process. You have prospects (which is a wide net that is cast), leads (people who engage with the threat), opportunities (where they progress you through process), and the close (where they take your money and data).
SO, WHAT CAN YOU DO?
Invest in Cybersecurity:
Businesses should prioritise cybersecurity by investing in robust security measures, people, processes, and technology. These measures can prevent unauthorised access to your network, making it harder for cybercriminals to steal sensitive data or deploy ransomware.
Educate Employees:
Human error is a significant factor in many cyberattacks. Educating employees about cybersecurity best practices, such as recognising phishing emails and using strong passwords, can reduce the risk of a breach. This is crucial in preventing low sophistication threats like phishing scams, which rely on tricking individuals into divulging personal information.
Implement Multi-Factor Authentication (MFA):
Enforce MFA on everything that requires a password. This can significantly reduce the likelihood of unauthorised access, even if a cybercriminal obtains login credentials through a data breach or phishing attack. It is well worth your time!
Backup Data Regularly:
Regularly backing up data ensures that you can recover your information in the event of a ransomware attack or data breach. By storing backups in a secure, offline location, you can avoid paying ransoms to cybercriminals and quickly restore your critical data.
Stay Informed:
Cyber threats are constantly evolving. Staying informed about the latest trends and threats in cybersecurity can help you stay one step ahead of cybercriminals. This knowledge can help you implement proactive measures to protect against both highly sophisticated and low sophistication attacks. The Australian Cyber Security Centre website is full of useful resources.
In summary, the accessibility of cybercrime tools has made it imperative for everyone to remain vigilant and proactive in their cybersecurity efforts. By investing in comprehensive security measures, educating employees, and staying informed about the latest threats, individuals and organisations can significantly reduce their risk of falling victim to cyberattacks.
