Cybercrime Economy: The Business Of Hacking

The profile of typical cyber attackers – and the interconnected nature of their underground economy – have evolved in the last several years.

Adversaries are increasingly leveraging management principles in the creation and expansion of their operations to ultimately increase their impact and financial profits. Enterprises can use this inside knowledge against the attackers to disrupt the organizational structure and mitigate their risks, according to HP Enterprise.

The attackers’ value chain

Today’s adversaries often create a formalized operating model and ‘value chain’ that is very similar to legitimate businesses in structure, and delivers greater ROI for the cybercriminal organization throughout the attack lifecycle. If enterprise-level security leaders, regulators and law enforcement are to disrupt the attackers’ organization, they must first understand every step in the value chain of this cybercrime economy.

Critical elements to the attackers’ value chain models typically include:

Human resources management – Includes recruiting, vetting and paying the supporting ‘staff’ needed to deliver on specific attack requirements; the skills-based training and education of attackers also falls within this category.

Operations – The ‘management team’ that ensures the smooth flow of information and funds throughout the attack lifecycle; this group will actively seek to reduce costs and maximize ROI at every step.

Technical development – The front-line ‘workers’ providing the technical expertise required to perform any given attack, including research, vulnerability exploitation, automation, and more.

Marketing and sales – These teams ensure that the attack group’s reputation in the underground marketplace is strong and the illicit products are both known and trusted among the target audience of potential buyers.

Outbound logistics – This encompasses both the people and systems responsible for delivering purchased goods to a buyer, be it large batches of stolen credit card data, medical records, intellectual property or otherwise.

“Cybercriminals are highly professional, have robust funding, and are working together to launch concentrated attacks,” said Chris Christiansen, Program Vice President, Security Products and Services, IDC.Disrupting the chain and advancing enterprise protection

HPE recommends a number of approaches for enterprise security professionals to better defend against these organized attackers:

Reduce the profits – Limit the financial rewards adversaries can realize from an attack on the enterprise by implementing end-to-end encryption solutions. By encrypting data at rest, in motion and in use, the information is rendered useless to the attackers, restricting their ability to sell and reducing profits.

Reduce the target pool – The expansion of mobile and IoT has dramatically increased the possible attack surface for all enterprises. Organizations must build security into their development processes, and focus on protecting the interactions between data, apps and users regardless of device to better mitigate and disrupt adversary attacks.

Learn from the adversaries – New technologies such as ‘deception grids’ provide methods of trapping, monitoring and learning from attackers as they navigate their way through a realistic duplication of the network. Enterprises can use this information to better protect their real network, disrupt similar attacks before they begin, and slow down the progress of attackers.

HelpNetSecurity: http://bit.ly/1W2spnR

« Robots Won’t Only Take Jobs They Will Also Create Jobs
Not Just A Question Of Money: Cybersecurity And The CFO »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Secure India

Secure India

Secure India provides Forensic Solutions that help Government and Business in dealing with prevention and resolution of Cyber related threats.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

Payload Security

Payload Security

Payload Security's VxStream Sandbox is a fully automated malware analysis system.

Foundation Futuristic Technologies (FFT)

Foundation Futuristic Technologies (FFT)

FFT is a global leader in computer forensics and digital investigation solutions.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

BwCIRT

BwCIRT

BwCIRT is the Computer Incident Response Team (CIRT) for Botswana and provides an official point of contact for dealing with computer security incidents.

Connectria

Connectria

Connectria provides cloud hosting, remote monitoring, and compliant cloud security solutions and services to enterprises, medium and small businesses.

Haven Group

Haven Group

Haven Group and its companies are a cyber security one-stop-shop for our clients offering a full range of cyber security services to our clients in a unified and united way.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

Portshift

Portshift

Portshift leverages the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications security.

IT-Seal

IT-Seal

IT-Seal GmbH specializes in sustainable security culture and awareness training.

Coralogix

Coralogix

Coralogix are rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.

Zorus

Zorus

Zorus provides best-in-class cybersecurity products to MSP partners to help them grow their business and protect their clients.

Immunefi

Immunefi

Immunefi provides bug bounty hosting, consultation, and program management services to blockchain and smart contract projects.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.