Inside the Big Business Of Cyber Crime

For three months, Armor’s Threat Resistance Unit (TRU) research team compiled and analysed data from the black market to shed light on the type of activity threat actors are participating in and how underground forums operate in the burgeoning industry.

Just as big businesses operate based on regulations, the laws of supply and demand, and even customer reviews, so does the black market.

However, unlike the legitimate economy, the underground market is highly anonymised and can be difficult to access, with some sites requiring rounds of verification and removing users deemed suspicious.

“There’s no question that the Dark Web is filled with stolen financial information, personal records and tools for carrying out small- and large-scale attacks,” said Wayne Reynolds, vice president of security, Armor.

“More surprisingly, threat actors have created a guide for each other at the expense of their victims. Cyber-criminals have developed a world where someone’s identity can be stolen and their bank account wiped out in an instant.”

Cyber-Crime-as-a-Service

Similarly, the backbone of this industry is the tools, tactics and services made available. Researchers found one of the most profitable means of generating income is cybercrime-as-a-service. These flexibly priced services range from DDoS attacks for $10/hour or $200/day to spam-for-hire services.

Remote access to compromised machines can be bought and sold for $13 a month, and exploit kits are rented for prices such as $80/day, $500/week or $1,400/month.

Some sellers even offer their own version of customer support for their wares in the form of updates and troubleshooting for an additional price.

Everything Available for Sale

The cyber underground is riddled with stolen credit cards and personal data the way retail stores have shelves lined with products. Data from customers of major brands such as American Express, Visa and Mastercard is readily available for $10 or less.

Additional personal information found in these forums includes social security numbers, bank account information, as well as hotel and airline reward points.

But there is more than just malware, hacking services and credit cards for sale. Personally identifiable information (PII) and forged documents are up for sale to those trying to move across borders without detection.

For example, a Canadian passport and Ontario driver’s license were being offered for $1,000. Meanwhile, passports, driver’s licenses, visas, social security numbers and a slew of other PII ranged from $40 to $2,000, depending on the item or items being sold.

Even compromised social media accounts have value: hacked Instagram accounts were seen being sold in bundles, such as $15 for 2,500 accounts and up to $60 for 10,000 accounts.

“The pricing models and overall barrier to entry for cybercrime is shockingly low,” said Reynolds. “However, the potential payout is worth the upfront cost, and the stable nature of the underground market makes the investment worthwhile.

“Although it’s difficult to pinpoint an exact amount, we estimate hundreds of billions to trillions of dollars are exchanged through the black market almost every day. It’s imperative that individuals and legitimate businesses secure their environments and keep up with the evolving cyber landscape.”

Help Net Security
