Hacker Underground: How Markets for Cyber-Tools, Stolen Data Work

 
 
By Chris Preimesberger  |  Posted 2014-04-15 Email Print this article Print
 
 
 
 
 
 
 
 

Cyber-attacks continue to grow in number as well as become more sophisticated. Enterprises' intellectual property and brand reputation can evaporate in a heartbleed (um, heartbeat—sorry, couldn't resist), and our personal information is targeted daily. During the last decade, cyber-criminals, hacking tools and black marketplaces have become more sophisticated and spawned an entirely new economy: a deep and complex underground one of its own. It includes storefronts, cloud services, criminal services for sale and even training on how to conduct cyber-attacks. A new report by RAND, sponsored by Juniper Networks, titled "Markets for Cybercrime Tools and Stolen Data: Hackers' Bazaar," provides analysis of how these markets function, how they are composed, historical trends and projections for the future. While some refer to these markets as the cyber underground, Juniper likens it more to a thriving metropolis. This eWEEK slide show examines the diverse facets that make up this new metropolis.

 
 
 
  • Hacker Underground: How Markets for Cyber-Tools, Stolen Data Work

    by Chris Preimesberger
    1 - Hacker Underground: How Markets for Cyber-Tools, Stolen Data Work
  • Storefronts and Bazaars

    Like other forms of e-commerce, many data records, exploit kits and goods are bought and sold from storefronts—which can encompass everything from instant-messaging chat channels and forums to sophisticated stores. RAND found that some organizations can reach 70,000 to 80,000 people, with a global footprint that brings in hundreds of millions of dollars.
    2 - Storefronts and Bazaars
  • Service Economy

    Not only goods, but criminal services are available for purchase, RAND found. These tools, sold on the black market as traditional software or leased like any other managed service, can help enable the most unskilled hackers to launch fairly elaborate and advanced attacks. For example, RAND found botnets, which can be used to launch a distributed denial-of-service (DDoS) attack, are sold for as low as $50 for a 24-hour attack.
    3 - Service Economy
  • Rules of Criminal Law

    There is indeed honor among thieves. Many parts of the cyber black market are well-structured, policed and have rules like a constitution, according to RAND. In addition, those who scam others are regularly banned or otherwise pushed off the market.
    4 - Rules of Criminal Law
  • Education and Training

    RAND identified widely available tools and resources on the black market that teach criminals how to hack, including instructions for exploit kits and where to buy credit cards. This access to training has accelerated sophistication and a broader set of roles and has helped facilitate entry into the hacker economy.
    5 - Education and Training
  • Anonymous Currencies Favored

    Transactions in the cyber black markets are often conducted by means of digital currencies. Bitcoin, Pecunix, AlertPay, PPcoin, Litecoin, Feathercoin and Bitcoin extensions such as Zerocoin are a few of the currencies used. RAND found many criminal sites are starting to accept only cryptocurrencies due to their anonymity and security characteristics.
    6 - Anonymous Currencies Favored
  • Diversity of Attacks Among Cultures

    Cyber-criminals from China, Latin America and Eastern Europe, according to RAND, are typically known for quantity in malware attacks, while those from Russia tend to be thought of as the leader in quality. RAND also found areas of expertise and focus among cyber-criminals from different countries. Many Vietnamese cyber-criminals, for example, focus on e-commerce hacks. Cyber-criminals from Russia, Romania, Lithuania and Ukraine focus on financial institutions. Many Chinese cyber-criminals specialize in intellectual property. U.S.-based cyber-criminals primarily target U.S.-based systems and, more specifically, financial systems.
    7 - Diversity of Attacks Among Cultures
  • Hierarchal Society

    Much like a legitimate business, it takes connections and relationships to move up the (cyber) food chain, the study found. Getting to the top requires personal connections, but those at the top are making the lion's share of the money.
    8 - Hierarchal Society
  • Criminals Among Even the Bad Guys

    Even the criminal cyber black market has criminals. Known as "rippers," these bad guys do not provide the goods or services they claim they will provide.
    9 - Criminals Among Even the Bad Guys
  • Social Media, a Hot Commodity

    Twitter accounts are generally worth more on the black market when compared with the average cost of a credit card record. This is potentially due to the oversaturation of cards following the recent mega data breaches and the ability to use social media accounts for follow-on attacks.
    10 - Social Media, a Hot Commodity
  • Gray Markets Growing

    There are currently gray markets where zero-day vulnerabilities are bought and sold for sky-high prices to governments and other private actors. RAND found that zero-day prices range from a few thousand dollars to $300,000, depending on the severity of the vulnerability, the complexity of the exploit and how long the vulnerability remains undisclosed.
    11 - Gray Markets Growing
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel