Connect with us

Hi, what are you looking for?

World

Cybercrime part of sophisticated online economy: Study

-

The dark world of cybercrime has evolved from one of rogue individuals to a functioning market-based economy with its ups and downs, code of conduct and "innovation."

A study by Rand Corp. and commissioned by the security firm Juniper Networks found a well-organized, multibillion-dollar underground economy that has become "a playground of financially driven, highly organized and sophisticated groups."

The evolution of cybercrime creates new challenges for security professionals trying to protect computer networks, says Nawaf Bitar, Juniper's general manager for security.

"We have long suspected that cybercriminals were sophisticated and that they had an organizational structure, but no one had studied this," Bitar told AFP.

"The success of this market is driven by accelerated economics, and the way to address this is through economics."

The report says the black markets "are growing in size and complexity" and that this activity "mirrors the normal evolution of a free market, with both innovation and growth."

Juniper's security vice president Michael Callahan said this cyber underground has all the characteristics of an economy, including its own currencies -- chiefly cryptographic payment forms such as Bitcoin.

A study by Rand Corp. has found a well-organized  multibillion-dollar underground economy in cybercr...
A study by Rand Corp. has found a well-organized, multibillion-dollar underground economy in cybercrime that has become "a playground of financially driven, highly organized and sophisticated groups"
Etienne Laurent, AFP/File

Callahan said the underground economy is characterized by specialization and "resilience," so that if one market participant leaves, another steps up.

"We saw this when (the black market bazaar) Silk Road went down, and within a day other participants started filling that gap," Callahan said.

"It's one of those signs this is a mature economy."

- 'Honor among thieves' -

The report notes that, just as in some organized crime groups, there is a code of conduct that helps reassure customers.

"You have honor among thieves," Callahan said.

"They work to a level of conduct. They know it is in all of their best interests to follow the rules. Like in other markets, these people know that your reputation is key."

The report suggests that about 30 percent of the sellers of financial data are "rippers," who fail to deliver promised goods or services.

These abuses generally occur in the "lower" levels of the black market that are easiest to access. But these rippers "tend to get reported and then often quickly removed," the report said.

A cash register screen indicates a customer is entering their PIN number at a Target store on Decemb...
A cash register screen indicates a customer is entering their PIN number at a Target store on December 19, 2013 in Miami, Florida
Joe Raedle, Getty/AFP/File

The study found these markets span the globe from China to Eastern Europe to Latin America, with many US-based players and "more cross-pollination between these cybercriminals than ever before."

The cybercrime world features "storefronts" like other forms of e-commerce, with hacker tools and services bought and sold.

The tools available include those used in the attack on US retail giant Target, where upwards of 110 million customers may have had their personal data stolen.

For those who lack technical savvy, new services are offered. Rand found one can obtain a Distributed Denial of Service (DDoS) attack -- in which hackers overwhelm a server to interrupt access -- for as low as $50 for a 24-hour attack.

- 'Active resistance' -

French police officers of the PHAROS internet investigation unit work in Nanterre  near Paris  on Fe...
French police officers of the PHAROS internet investigation unit work in Nanterre, near Paris, on February 4, 2014. PHAROS is part of the French Anti-Cybercrime Office
Joel Saget, AFP/File

Bitar said the cybersecurity community needs to shift its focus because of the new threat, because the traditional methods of using firewalls and other defensive measures are not enough.

"We need to use active resistance rather than passive resistance," he said.

This could involve setting traps, using encryption and delivering bogus information that disrupts efforts by hackers and attacks.

But he said he strongly opposes the idea of "hacking back" at the attackers.

"I believe that is wrong. You can harm innocent bystanders," he said.

The dark world of cybercrime has evolved from one of rogue individuals to a functioning market-based economy with its ups and downs, code of conduct and “innovation.”

A study by Rand Corp. and commissioned by the security firm Juniper Networks found a well-organized, multibillion-dollar underground economy that has become “a playground of financially driven, highly organized and sophisticated groups.”

The evolution of cybercrime creates new challenges for security professionals trying to protect computer networks, says Nawaf Bitar, Juniper’s general manager for security.

“We have long suspected that cybercriminals were sophisticated and that they had an organizational structure, but no one had studied this,” Bitar told AFP.

“The success of this market is driven by accelerated economics, and the way to address this is through economics.”

The report says the black markets “are growing in size and complexity” and that this activity “mirrors the normal evolution of a free market, with both innovation and growth.”

Juniper’s security vice president Michael Callahan said this cyber underground has all the characteristics of an economy, including its own currencies — chiefly cryptographic payment forms such as Bitcoin.

A study by Rand Corp. has found a well-organized  multibillion-dollar underground economy in cybercr...

A study by Rand Corp. has found a well-organized, multibillion-dollar underground economy in cybercrime that has become “a playground of financially driven, highly organized and sophisticated groups”
Etienne Laurent, AFP/File

Callahan said the underground economy is characterized by specialization and “resilience,” so that if one market participant leaves, another steps up.

“We saw this when (the black market bazaar) Silk Road went down, and within a day other participants started filling that gap,” Callahan said.

“It’s one of those signs this is a mature economy.”

– ‘Honor among thieves’ –

The report notes that, just as in some organized crime groups, there is a code of conduct that helps reassure customers.

“You have honor among thieves,” Callahan said.

“They work to a level of conduct. They know it is in all of their best interests to follow the rules. Like in other markets, these people know that your reputation is key.”

The report suggests that about 30 percent of the sellers of financial data are “rippers,” who fail to deliver promised goods or services.

These abuses generally occur in the “lower” levels of the black market that are easiest to access. But these rippers “tend to get reported and then often quickly removed,” the report said.

A cash register screen indicates a customer is entering their PIN number at a Target store on Decemb...

A cash register screen indicates a customer is entering their PIN number at a Target store on December 19, 2013 in Miami, Florida
Joe Raedle, Getty/AFP/File

The study found these markets span the globe from China to Eastern Europe to Latin America, with many US-based players and “more cross-pollination between these cybercriminals than ever before.”

The cybercrime world features “storefronts” like other forms of e-commerce, with hacker tools and services bought and sold.

The tools available include those used in the attack on US retail giant Target, where upwards of 110 million customers may have had their personal data stolen.

For those who lack technical savvy, new services are offered. Rand found one can obtain a Distributed Denial of Service (DDoS) attack — in which hackers overwhelm a server to interrupt access — for as low as $50 for a 24-hour attack.

– ‘Active resistance’ –

French police officers of the PHAROS internet investigation unit work in Nanterre  near Paris  on Fe...

French police officers of the PHAROS internet investigation unit work in Nanterre, near Paris, on February 4, 2014. PHAROS is part of the French Anti-Cybercrime Office
Joel Saget, AFP/File

Bitar said the cybersecurity community needs to shift its focus because of the new threat, because the traditional methods of using firewalls and other defensive measures are not enough.

“We need to use active resistance rather than passive resistance,” he said.

This could involve setting traps, using encryption and delivering bogus information that disrupts efforts by hackers and attacks.

But he said he strongly opposes the idea of “hacking back” at the attackers.

“I believe that is wrong. You can harm innocent bystanders,” he said.

AFP
Written By

With 2,400 staff representing 100 different nationalities, AFP covers the world as a leading global news agency. AFP provides fast, comprehensive and verified coverage of the issues affecting our daily lives.

You may also like:

World

Calling for urgent action is the international medical humanitarian organization Doctors Without Borders/Médecins Sans Frontières (MSF)

Business

The cathedral is on track to reopen on December 8 - Copyright AFP Ludovic MARINParis’s Notre-Dame Cathedral, ravaged by fire in 2019, is on...

Business

Saudi Aramco President & CEO Amin Nasser speaks during the CERAWeek oil summit in Houston, Texas - Copyright AFP Mark FelixPointing to the still...

Business

Hyundai on Wednesday revealed plans to invest more than $50 billion in South Korea by 2026.