Reputation and honor among cybercriminals

Reputation and honor among cybercriminals

They focus on finding loopholes in software that allow them to gain a foothold and take control of systems by targeting known bugs and vulnerabilities in popular software.

As in the world of legitimate e-commerce, trust and reputation have become a fundamental part of the cybercriminal profession. According to new research from HP Wolf Security, 77 percent of analyzed cybercriminal marketplaces require a vendor bond – permission to sell – which can cost up to $3,000. As further evidence of a professional approach, 85 percent of these sites use escrow and 92 percent have a third-party dispute resolution service. Each marketplace also provides feedback scores to sellers. Cybercriminals also try to stay one step ahead of law enforcement by moving their “brand” between websites, since the average lifespan of a dark web website is only 55 days.HP’s Wolf Security threat team partnered with Forensic Pathways, a leading global forensics group, to conduct a three-month dark web investigation that collected and analyzed more than 35 million cybercriminal marketplaces and forum posts to understand how cybercriminals operate, how they gain trust and build reputation. The results show that malware is easily and cheaply available. More than three-quarters (76 percent) of the prices in advertisements about them, as well as 91 percent of exploits, cost less than $10, while the average price of compromised Remote Desktop Protocol credentials is only $5.”Unfortunately, it’s never been easier to be a cybercriminal. Complex attacks used to require serious skills, knowledge and resources. Now, technology and training are available for the price of a gallon of gas. And whether it’s exposing corporate advertising customer data, or delaying shipments or even canceling a hospital appointment, the explosive growth of cybercrime affects us all,” says the author of the report, Alex Holland, senior malware analyst at HP. Cybercriminals focus on finding loopholes in software that allow them to gain a foothold and take control of systems by targeting known bugs and vulnerabilities in popular software. Examples include the Windows operating system, Microsoft Office, web content management systems, and web and mail servers. Kits that exploit vulnerabilities in gap-filling systems are the most expensive (typically between $1,000 and $4,000). Zero days on dark web markets can cost tens of thousands of dollars.The report warns that businesses need to prepare for devastating overload attacks, increasingly targeted cyber campaigns and cybercriminals using new technologies, including artificial intelligence, to challenge organizations’ data integrity.Dr. Ian Pratt, HP’s global head of security for personal systems, explained: “We all need to do more to combat the growing cybercrime machine. For individuals, that means becoming cyber-aware. Most attacks start with the click of a mouse, so it’s always important to think before we click. But even better, we create a safety net for ourselves by purchasing technology that can mitigate and recover from bad clicks,” reported Beta News.Hardware, software, tests, interesting and colorful news from the world of IT by clicking here!

Leave a Comment

Your email address will not be published.