Cyber Crime Business
You’re on the morning train on the way to work and take a look at the guy next to you. He’s clean-cut, wearing a crisp suit and holding a leather briefcase just like dozens of others. Just another worker headed to the office, right?. Yes, but not in the way you think he is. That person is going to work but rather than creating reports and spreadsheets, he’s part of a criminal ring dedicated to breaking into corporate networks to steal data and money. Hackers are no longer basement-dwelling weirdos as they are portrayed in Hollywood productions. They’re business people.
Hackers have grown increasingly organized and sophisticated as the years have passed. The reason for this is simple: there are millions of dollars available to them. Thousands of businesses do not have the capital or employee resources to adequately protect sensitive information and make easy marks for enterprising people with computer skills and questionable moral compasses. Like any business, criminals have evolved their practices to promote growth and capitalize on new opportunities.
Black Collar Jobs
Like any corporation, continuous improvements are made to further successful operations and strengthen results by investing capital. Hackers have done just so. Within the last year, cyber criminals have pocketed more than $24 million dollars from ransomware alone. This is just the beginning. Hackers have used their ill-gotten gains to create livable wages and recruit others to strengthen their operations. One could even call them entrepreneurs, as they are straightforwardly organizing and operating large-scale organizations analogous to those of the corporate world. And with any entrepreneur that sees his or her business going well, they open the opportunity for someone else to jump on the bandwagon. In fact, entrepreneurial hackers have become so successful that they are franchising their ransomware businesses to any wanna-be hacker ready to compromise their values for some quick cash.
In the past, ransomware attacks could point to one cybercriminal doing all the work themselves from building the software to setting up infrastructure to executing the attack. But just as any business evolves, ransomware operations have too, there’s a criminal carrying out each duty essential to a planned attack.
It begins with the ransomware developers, the masterminds behind the malware itself. They are the builders in the ransomware world that design and create a plethora of attacks ranging from the malware itself to malvertising exploit kits.
Then comes the ransomware operators whose job it is to make sure the malware is downloaded by unsuspecting users. These cybercriminals hackers are the ones who facilitate the attack and lurk around businesses, creating lists of targeted victims and, once ready, inflict their particular brand of devastation. But their duties don’t stop there. They’re also customer service reps.
Everyone knows that with every good business, strong customer service and marketing is key. When businesses learn that they are the victims of a ransomware attack, they have a lot of questions. What happened? How do I pay you? How do I get my files back? Ransomware operators provide victims with a “customer-service line” that can guide them through the entire extortion process. This line quickly guides the victim through the steps necessary to get access to their files back, after paying a “modest” fee of course. The reasoning is simple: by making the process relatively pain-free, hackers improve their chances of getting their victims to pay. In fact, the average ransomware payment is roughly $300 which is not a high barrier for most businesses to clear. What’s a day’s worth of your time worth?
From Anarchy to Structure
The professionalization, franchising and systemization of ransomware activities has given each hacker the ability to focus on and hone their specific trade. As a result, attacks are more effective and targeted than ever before and businesses need to take data protection seriously. While it’s typically used to describe musicians or actors, it’s possible that the hacker community has sold out. The anarchists of yesteryear may have retired their brightly colored mohawks, but they’re being replaced by modern-day professionals that are business people just like you and I.
By Todd O’Boyle
Todd is a co-founder and CTO at Strongarm, an Allied Minds company. Prior to Strongarm, Todd spent 15 years at The MITRE Corporation, providing technical support to the Department of Defense and the Intelligence Community. He also served as principal investigator for a project developing methods to improve how operators respond to adversaries.
Todd has a Bachelor of Science, Computer Science from Purdue University.