'Hackers for Hire'- Major Police Effort To Fight Criminal Gangs.

Uploaded on 2015-10-07 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

A “small number” of hackers offer  "cybercrime as a service” creating a market a for criminal gangs to bid for targets to be attacked.

A major international effort is needed to defeat cybercrime and disrupt the criminal gangs who are using “hackers for hire” to hit sensitive financial and government targets, the UK’s anti-cybercrime boss has warned.

Andy Archibald, the head of the UK’s National Cyber Crime Unit (NCCU), said that a “small number” of hackers were offering “cybercrime as a service”, and had created a marketplace where gangs could bid for targets to be attacked.
His warning comes after it emerged that Chinese hackers are suspected of carrying out a “massive breach” on the 5th June of the personal data of nearly 4 million US government workers. This is amid suggestions it was one of the largest known thefts of US government records.

Mr Archibald called for the NCCU to work with more international police forces and the private sector to prevent cybercrime and to track down those responsible, adding it was impossible to “arrest your way out of cybercrime”.
Mr Archibald said that the majority of sophisticated cyber attacks were financially motivated and “principally against” the financial services sector. Last night security experts speculated that the US records had been targeted to allow suspected Chinese hackers to build a vast database of federal employees in what could be preparation for future attacks against the US. China has called the allegations “counter-productive” and irresponsible.

Speaking recently alongside Mr Archibald, the information security expert Professor Alan Woodward suggested as few as 100 or 200 cyber criminals might be responsible for the majority of advanced cybercrime.

Mr Archibald said he could “not put a number on the size of the threat”, but agreed that a small number of hackers were writing damaging software for sale to gangs of criminals and said there was a “viable route” to “take them out”.

He said: “The point I’d make is that the approach for dealing with cybercrime has to be quite sophisticated. Traditional crime happens inside your state’s jurisdiction. That’s no longer the case, and we need to work collectively to meet this new threat, and that includes working closely with the private sector. We need an international response.”

The NCCU already has strong links with the FBI and Europol, and Mr Archibald is quick to point to the success of a co-ordinated day of action in March against cyber criminals, aided by forensic information provided by the FBI. On the day, 56 suspects UK-wide were arrested on suspicion of offences ranging from network intrusion and data theft to cyber-enabled fraud and denial of service attacks on multinational companies and government agency websites.

Elsewhere, though, the NCCU faced criticism for quietly forging relationships with its counterparts in China, despite private firms reporting high levels of state-sponsored cyber espionage originating from the country.

Independent:

 

« DARPA - Tech to Protect the Internet of Things
Six Emerging CyberSecurity Risks »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

Critifence

Critifence

Critifence provides unique Cyber Security solutions designed for Critical Infrastructure, SCADA and Industrial Control Systems.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

Salt Communications

Salt Communications

Salt communications is a global leader in secure communications. Our bespoke platform is the secure communications solution that uniquely gives complete control to our customers.

Cynerio

Cynerio

Cynerio develops cybersecurity protections for medical devices, comparing network behavior with a database of medical workflows.

Sphonic

Sphonic

Sphonic provides regulated institutions of any size a powerful compliance & risk platform to quickly and securely onboard new customers and manage ongoing AML and Fraud & Risk trends.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

Code First Girls

Code First Girls

Code First Girls are on a mission to close the gender gap in the tech industry by providing employment through free education.

Strategic Security Solutions (S3)

Strategic Security Solutions (S3)

S3 is a leading provider of Cybersecurity consulting services for Identity and Access Governance (IAG), Zero Trust, and Enterprise Risk and Compliance.

Attaxion

Attaxion

Attaxion is an External Attack Surface Management (EASM) Platform. We offer attack surface management solutions with #1 asset coverage and laser-focused, actionable intelligence.

CyberSentriq

CyberSentriq

CyberSentriq provides an unmatched combination of proactive AI-driven email and web security, advanced data protection, and operational resilience.