'Hackers for Hire'- Major Police Effort To Fight Criminal Gangs.

A “small number” of hackers offer  "cybercrime as a service” creating a market a for criminal gangs to bid for targets to be attacked.

A major international effort is needed to defeat cybercrime and disrupt the criminal gangs who are using “hackers for hire” to hit sensitive financial and government targets, the UK’s anti-cybercrime boss has warned.

Andy Archibald, the head of the UK’s National Cyber Crime Unit (NCCU), said that a “small number” of hackers were offering “cybercrime as a service”, and had created a marketplace where gangs could bid for targets to be attacked.
His warning comes after it emerged that Chinese hackers are suspected of carrying out a “massive breach” on the 5th June of the personal data of nearly 4 million US government workers. This is amid suggestions it was one of the largest known thefts of US government records.

Mr Archibald called for the NCCU to work with more international police forces and the private sector to prevent cybercrime and to track down those responsible, adding it was impossible to “arrest your way out of cybercrime”.
Mr Archibald said that the majority of sophisticated cyber attacks were financially motivated and “principally against” the financial services sector. Last night security experts speculated that the US records had been targeted to allow suspected Chinese hackers to build a vast database of federal employees in what could be preparation for future attacks against the US. China has called the allegations “counter-productive” and irresponsible.

Speaking recently alongside Mr Archibald, the information security expert Professor Alan Woodward suggested as few as 100 or 200 cyber criminals might be responsible for the majority of advanced cybercrime.

Mr Archibald said he could “not put a number on the size of the threat”, but agreed that a small number of hackers were writing damaging software for sale to gangs of criminals and said there was a “viable route” to “take them out”.

He said: “The point I’d make is that the approach for dealing with cybercrime has to be quite sophisticated. Traditional crime happens inside your state’s jurisdiction. That’s no longer the case, and we need to work collectively to meet this new threat, and that includes working closely with the private sector. We need an international response.”

The NCCU already has strong links with the FBI and Europol, and Mr Archibald is quick to point to the success of a co-ordinated day of action in March against cyber criminals, aided by forensic information provided by the FBI. On the day, 56 suspects UK-wide were arrested on suspicion of offences ranging from network intrusion and data theft to cyber-enabled fraud and denial of service attacks on multinational companies and government agency websites.

Elsewhere, though, the NCCU faced criticism for quietly forging relationships with its counterparts in China, despite private firms reporting high levels of state-sponsored cyber espionage originating from the country.

Independent:

 

« DARPA - Tech to Protect the Internet of Things
Six Emerging CyberSecurity Risks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Hyper Recruitment Solutions

Hyper Recruitment Solutions

Hyper Recruitment Solutions is a specialist and highly compliant recruitment consultancy dedicated to the Science and Technology sectors.

Webroot

Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.

IronScales

IronScales

IronScales combines human intelligence with machine learning to automatically prevent, detect and respond to email phishing attacks.

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

Axis Capital

Axis Capital

AXIS Insurance’s Professional Lines Division is a leading underwriter of technology/cyber coverage and other specialty products around the globe.

Sapien Cyber

Sapien Cyber

Sapien Cyber is an Australian company bringing leading-edge cyber security and threat intelligence solutions.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Cyber Threat Alliance

Cyber Threat Alliance

CTA is working to improve cybersecurity of our digital ecosystem by enabling near real-time cyber threat information sharing among companies and organizations in the cybersecurity field.

BLOCKO

BLOCKO

BLOCKO is a blockchain specialized technology company that has experienced and achieved the largest amount of business in South Korea.

The Cyber AB

The Cyber AB

The Cyber AB is the official accreditation body of the Cybersecurity Maturity Model Certification (CMMC) Ecosystem.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

CloudSEK

CloudSEK

CloudSEK has set its sights on building the world’s fastest and most reliable AI technology, that identifies and resolves digital threats.

Eastern Cyber Resilience Centre (ECRC)

Eastern Cyber Resilience Centre (ECRC)

The Eastern Cyber Resilience Centre is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

The CyberWire

The CyberWire

The CyberWire gets people up to speed on cyber quickly and keeps them a step ahead in a continually changing industry.

Tenable

Tenable

Organizations around the world rely on Tenable to help them understand and reduce cybersecurity risk across their attack surface—in the cloud or on-premises, from IT to OT and beyond.

Silence Laboratories

Silence Laboratories

Silence Laboratories is a cybersecurity company that focuses on the fusion of cryptography, sensing, and design to support a seamless authentication experience.