todd

Cyber Criminals Are Business People Too

Cyber Crime Business

You’re on the morning train on the way to work and take a look at the guy next to you. He’s clean-cut, wearing a crisp suit and holding a leather briefcase just like dozens of others. Just another worker headed to the office, right?. Yes, but not in the way you think he is. That person is going to work but rather than creating reports and spreadsheets, he’s part of a criminal ring dedicated to breaking into corporate networks to steal data and money. Hackers are no longer basement-dwelling weirdos as they are portrayed in Hollywood productions. They’re business people.

Hackers have grown increasingly organized and sophisticated as the years have passed. The reason for this is simple: there are millions of dollars available to them. Thousands of businesses do not have the capital or employee resources to adequately protect sensitive information and make easy marks for enterprising people with computer skills and questionable moral compasses. Like any business, criminals have evolved their practices to promote growth and capitalize on new opportunities.

Black Collar Jobs

Like any corporation, continuous improvements are made to further successful operations and strengthen results by investing capital. Hackers have done just so. Within the last year, cyber criminals have pocketed more than $24 million dollars from ransomware alone. This is just the beginning. Hackers have used their ill-gotten gains to create livable wages and recruit others to strengthen their operations. One could even call them entrepreneurs, as they are straightforwardly organizing and operating large-scale organizations analogous to those of the corporate world. And with any entrepreneur that sees his or her business going well, they open the opportunity for someone else to jump on the bandwagon. In fact, entrepreneurial hackers have become so successful that they are franchising their ransomware businesses to any wanna-be hacker ready to compromise their values for some quick cash.

In the past, ransomware attacks could point to one cybercriminal doing all the work themselves from building the software to setting up infrastructure to executing the attack. But just as any business evolves, ransomware operations have too, there’s a criminal carrying out each duty essential to a planned attack.

It begins with the ransomware developers, the masterminds behind the malware itself. They are the builders in the ransomware world that design and create a plethora of attacks ranging from the malware itself to malvertising exploit kits.

Then comes the ransomware operators whose job it is to make sure the malware is downloaded by unsuspecting users. These cybercriminals hackers are the ones who facilitate the attack and lurk around businesses, creating lists of targeted victims and, once ready, inflict their particular brand of devastation. But their duties don’t stop there. They’re also customer service reps.

Everyone knows that with every good business, strong customer service and marketing is key. When businesses learn that they are the victims of a ransomware attack, they have a lot of questions. What happened? How do I pay you? How do I get my files back? Ransomware operators provide victims with a “customer-service line” that can guide them through the entire extortion process. This line quickly guides the victim through the steps necessary to get access to their files back, after paying a “modest” fee of course. The reasoning is simple: by making the process relatively pain-free, hackers improve their chances of getting their victims to pay. In fact, the average ransomware payment is roughly $300 which is not a high barrier for most businesses to clear. What’s a day’s worth of your time worth?

From Anarchy to Structure

The professionalization, franchising and systemization of ransomware activities has given each hacker the ability to focus on and hone their specific trade. As a result, attacks are more effective and targeted than ever before and businesses need to take data protection seriously. While it’s typically used to describe musicians or actors, it’s possible that the hacker community has sold out. The anarchists of yesteryear may have retired their brightly colored mohawks, but they’re being replaced by modern-day professionals that are business people just like you and I.

By Todd O’Boyle

Todd O’Boyle

Todd is a co-founder and CTO at Strongarm, an Allied Minds company. Prior to Strongarm, Todd spent 15 years at The MITRE Corporation, providing technical support to the Department of Defense and the Intelligence Community. He also served as principal investigator for a project developing methods to improve how operators respond to adversaries.

Todd has a Bachelor of Science, Computer Science from Purdue University.

View Website

CONTRIBUTORS

Cloud’s Mighty Role - Why Custom Development is the Next Big Thing (Again)

Cloud’s Mighty Role – Why Custom Development is the Next Big Thing (Again)

Custom Development is the Next Big Thing Today, software is playing a very important role in performing basic business processes ...
Cross-Site Scripting - Why Is It A Serious Security Threat For Big Data Applications?

Cross-Site Scripting – Why Is It A Serious Security Threat For Big Data Applications?

Security Threat And Big Data Applications IBM, Amazon, Google, Yahoo, Microsoft - and the list goes on. All these leading ...
SAP Migration To The Public Cloud

It’s Time To Move – Simplify Your SAP Migration To The Public Cloud

SAP Migration To The Public Cloud SAP transformations to hyper-scale cloud providers like Amazon Web Services (AWS) are gaining momentum ...
How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data The modern enterprise is digital. It relies on accurate and timely data to support the ...
Philips teams with HPE on ecosystem approach to improve healthcare informatics-driven outcomes

Philips teams with HPE on ecosystem approach to improve healthcare informatics-driven outcomes

The next BriefingsDirect healthcare transformation use-case discussion focuses on how an ecosystem approach to big data solutions brings about improved healthcare informatics-driven outcomes ...
Malware Will Cripple Cloud And IoT Infrastructure If Not Contained

Malware Will Cripple Cloud And IoT Infrastructure If Not Contained

The Malware Cloud Concern This year we’ve had two cyber attacks in which malware was used to cripple government computer ...
4 Tips for Secure Video Conferencing

4 Tips for Secure Video Conferencing

Securing Video Conferencing Today, cybersecurity dominates headlines as businesses of all sizes and across multiple industries are falling victim to ...
How B2B Ecosystems & (Big) Data Can Transform Sales and Marketing Practices

How B2B Ecosystems & (Big) Data Can Transform Sales and Marketing Practices

B2B Ecosystems & (Big) Data Managing your relationships with customers, suppliers, and partners and constantly improving their experience is a ...

NEWS

Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

EDINBURGH, Scotland, Nov. 21, 2017 /PRNewswire-USNewswire/ -- The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices ...
HPE CEO Whitman's surprise exit stumps Wall Street

HPE CEO Whitman’s surprise exit stumps Wall Street

(Reuters) - Shares of Hewlett Packard Enterprise Co (HPE.N) fell 6 percent on Wednesday after Chief Executive Officer Meg Whitman’s ...
OVH Announces New Hosted Private Cloud Offerings for US Market

OVH Announces New Hosted Private Cloud Offerings for US Market

OVH delivers next-generation services for hosted private cloud, disaster recovery, and hybridity leveraging industry-leading solutions RESTON, VA--(Marketwired - Nov 20, ...

SPONSORS

Scale your Windows Azure application

Help Your Business Improve Security By Choosing The Right Cloud Provider

Choosing The Right Cloud Provider Security issues have always been a key aspect of business planning; failure to properly protect ...
Has Cybersecurity Become Too Reactive in this Day and Age?

Has Cybersecurity Become Too Reactive in this Day and Age?

Cybersecurity Too Reactive? Cybersecurity today has become far too reactive. The constant innovation of hackers has meant that defenses are ...
Scale your Windows Azure application

Understanding The Importance Of A Flexible Hybrid Cloud Solution

Flexible Hybrid Cloud Solution The cloud computing revolution continues to gather pace, and more and more businesses are coming on-board ...