'Hackers for Hire'- Major Police Effort To Fight Criminal Gangs.

A “small number” of hackers offer  "cybercrime as a service” creating a market a for criminal gangs to bid for targets to be attacked.

A major international effort is needed to defeat cybercrime and disrupt the criminal gangs who are using “hackers for hire” to hit sensitive financial and government targets, the UK’s anti-cybercrime boss has warned.

Andy Archibald, the head of the UK’s National Cyber Crime Unit (NCCU), said that a “small number” of hackers were offering “cybercrime as a service”, and had created a marketplace where gangs could bid for targets to be attacked.
His warning comes after it emerged that Chinese hackers are suspected of carrying out a “massive breach” on the 5th June of the personal data of nearly 4 million US government workers. This is amid suggestions it was one of the largest known thefts of US government records.

Mr Archibald called for the NCCU to work with more international police forces and the private sector to prevent cybercrime and to track down those responsible, adding it was impossible to “arrest your way out of cybercrime”.
Mr Archibald said that the majority of sophisticated cyber attacks were financially motivated and “principally against” the financial services sector. Last night security experts speculated that the US records had been targeted to allow suspected Chinese hackers to build a vast database of federal employees in what could be preparation for future attacks against the US. China has called the allegations “counter-productive” and irresponsible.

Speaking recently alongside Mr Archibald, the information security expert Professor Alan Woodward suggested as few as 100 or 200 cyber criminals might be responsible for the majority of advanced cybercrime.

Mr Archibald said he could “not put a number on the size of the threat”, but agreed that a small number of hackers were writing damaging software for sale to gangs of criminals and said there was a “viable route” to “take them out”.

He said: “The point I’d make is that the approach for dealing with cybercrime has to be quite sophisticated. Traditional crime happens inside your state’s jurisdiction. That’s no longer the case, and we need to work collectively to meet this new threat, and that includes working closely with the private sector. We need an international response.”

The NCCU already has strong links with the FBI and Europol, and Mr Archibald is quick to point to the success of a co-ordinated day of action in March against cyber criminals, aided by forensic information provided by the FBI. On the day, 56 suspects UK-wide were arrested on suspicion of offences ranging from network intrusion and data theft to cyber-enabled fraud and denial of service attacks on multinational companies and government agency websites.

Elsewhere, though, the NCCU faced criticism for quietly forging relationships with its counterparts in China, despite private firms reporting high levels of state-sponsored cyber espionage originating from the country.

Independent:

 

« DARPA - Tech to Protect the Internet of Things
Six Emerging CyberSecurity Risks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Wisegate

Wisegate

Wisegate is a community of IT experts providing advisory services on all areas of IT including security.

CORDIS

CORDIS

CORDIS is the European Commission's primary public repository and portal to disseminate information on all EU-funded research projects and their results.

IntSights

IntSights

IntSights is an intelligence driven security provider offering rapid, accurate cyberthreat intelligence and incident mitigation in real time

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Private Internet Access

Private Internet Access

Private Internet Access is a Virtual Private Network services provider offering secure encrypted access to the internet.

Arab Information & Communication Technologies Organization (AICTO)

Arab Information & Communication Technologies Organization (AICTO)

The Arab ICT Organization (AICTO) is an Arab governmental organization working under the aegis of the league of Arab States.

IUCC Cyber Unit - Israel

IUCC Cyber Unit - Israel

IUCC Cyber Unit safeguards Israel’s National Research & Education Network (NREN).

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator invests in early stage disruptive companies in the security industry including, Cybersecurity, Internet of Things (IOT), Blockchain and AI.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.

Avancer Corporation

Avancer Corporation

Avancer Corporation is a multi-system integrator focusing on Identity and Access Management (IAM) Technology. Founded in 2004.

Trilateral Research

Trilateral Research

Trilateral Research provide regulatory and policy advice; develop new data-driven technologies and contribute to the latest standards in safeguarding privacy, ethics and human rights.

SecurityGen

SecurityGen

SecurityGen is a global cybersecurity start-up focused on telecom security, with a focus on 5G networks.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

MiC Talent Solutions

MiC Talent Solutions

MiC Talent Solutions provides recruiting, direct hire, augmented staff, and professional service contracting solutions for organizations searching for minority cybersecurity talent.

Servadus

Servadus

Servadus help organizations with their cybersecurity and compliance programs through management and sustainability, consulting, and assessing.