Digital Transactions Authoritative, insightful and timely information for payments professionals
The proliferation of plug-and-play software has revolutionized the computing experience, mostly for good. But bad actors, too, are able to take advantage of the plug-and-play experience and purchase malware kits that require little to no coding expertise, which can retail for less than $10, according to a new report from HP Inc.
Based on an analysis of approximately 33,000 dark Web sites, forums, and marketplaces, the report found that 76% of malware and 91% of exploits, which is code that gives attackers control over systems through software bugs, retailed for less than $10. And the average cost of compromised remote desktop protocols is only $5. Such protocols enable a user to connect to another computer remotely and control it.
The availability of cheap credentials and the kits to exploit that availability helps fuel the threat of ransomware. “At the heart of this is ransomware, which has created a new cybercriminal ecosystem rewarding smaller players with a slice of the profits. This is creating a cybercrime factory line, churning out attacks that can be very hard to defend against and putting the businesses we all rely on in the crosshairs,” Alex Holland, an HP senior malware analyst, said in a statement.
The report, “The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back–an HP Wolf Security Report,” also found the dark Web providers mirror many aspects of legitimate vendors on consumer marketplaces. The research found that 92% of cybercriminal marketplaces have dispute-resolution services and 100% have vendor-feedback scores.
“Much like the legitimate online retail world, trust and reputation are, ironically, essential parts of cybercriminal commerce: 77% of cybercriminal marketplaces analyzed require a vendor bond—a license to sell—which can cost up to $3,000. 85% of these use escrow payments,” the report noted.
HP’s analysis, which included interviews with cybersecurity experts and research into leaked communications from a ransomware group, outlined four key elements about the future of cybercrime. One of these is that destructive data-denial attacks will become more damaging. “We can expect to see extortion attacks using the threat of data destruction against sectors that depend on IoT devices and data in time-sensitive and critical ways,” the report said.
There will be increasing professionalization to drive more targeted attacks, and criminals are expected to develop attacks that take advantage of new and developing technologies. Also, attackers will look to increase the speed and efficiency of their intrusions.
“In the future, for example, we are likely to see attackers using [artificial intelligence] and machine-learning techniques to enable targeted spear-phishing attacks at scale. Attackers could deploy offensive tools that utilize AI capabilities to tailor phishing emails to key individuals at an organization and speed up their post-exploitation activities after gaining an initial foothold into a network.”
