Much like the legitimate online retail world which requires trust and reputation, a new report has revealed that 77 per cent of cybercriminal marketplaces require a license to sell, which can cost up to N1.2 million.
The report released by HP Inc, titled: ‘The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back – an HP Wolf Security Report,’ revealed that, 85 per cent of these use escrow payments, and 92 per cent have a third-party dispute resolution service, adding that every marketplace provides vendor feedback scores.
The HP Wolf Security threat team worked with Forensic Pathways, a leading group of global forensic professionals, on a three-month dark web investigation, scraping and analysing over 35 million cybercriminal marketplaces and forum posts to understand how cybercriminals operate, gain trust, and build reputation.
Findings of the report revealed that cybercriminals try to stay a step ahead of law enforcement by transferring reputation between websites, as the average lifespan of a dark net Tor website is only 55 days.
The report disclosed that popular software is giving cybercriminals a foot in the door, in that cybercriminals are focusing on finding gaps in software that will allow them to get a foothold and take control of systems by targeting known bugs and vulnerabilities in popular software.
“Examples include the Windows operating system, Microsoft Office, web content management systems, and web and mail servers. Kits that exploit vulnerabilities in niche systems command the highest prices (typically ranging from N393,853.76 to N1.7million). Zero Days (vulnerabilities that are not yet publicly known) are retailing at tens of thousands of dollars on dark web markets,” it said.
It showed that malware is cheap and readily available, adding that, over three quarters (76 per cent) of malware advertisements listed, and 91 per cent of exploits (i.e., code that gives attackers control over systems by taking advantage of software bugs), retail for under N4,923.17.
“The average cost of compromised Remote Desktop Protocol credentials is just N2,092.35. Vendors are selling products in bundles, with plug-and-play malware kits, malware-as-a-service, tutorials, and mentoring services reducing the need for technical skills and experience to conduct complex, targeted attacks – in fact, just 2 to 3 per cent of threat actors today are advanced coders,” the report explained.
Commenting on the report, senior malware analyst at HP Inc., author Alex Holland, said: “unfortunately, it is never been easier to be a cybercriminal. Complex attacks previously required serious skills, knowledge and resource. Now the technology and training is available for the price of 3 litres of fuel. And whether it is having your company and customer data exposed, deliveries delayed or even a hospital appointment cancelled, the explosion in cybercrime affects us all.”
“At the heart of this is ransomware, which has created a new cybercriminal ecosystem rewarding smaller players with a slice of the profits. This is creating a cybercrime factory line, churning out attacks that can be very hard to defend against and putting the businesses we all rely on in the crosshairs,” Holland added.
HP consulted with a panel of experts from cybersecurity and academia – including ex-black hat hacker Michael ‘Mafia Boy’ Calce and authored criminologist, Dr. Mike McGuire – to understand how cybercrime has evolved and what businesses can do to better protect themselves against the threats of today and tomorrow.
They warned that businesses should prepare for destructive data denial attacks, increasingly targeted cyber campaigns, and cybercriminals using emerging technologies like artificial intelligence to challenge organisations’ data integrity.
To protect against current and future threats, the report offers up the following advice for businesses: “Master the basics to reduce cybercriminals’ chances: Follow best practices, such as multi-factor authentication and patch management; reduce your attack surface from top attack vectors like email, web browsing and file downloads; and prioritise self-healing hardware to boost resilience.
“Focus on winning the game: plan for the worst; limit risk posed by your people and partners by putting processes in place to vet supplier security and educate workforces on social engineering; and be process-oriented and rehearse responses to attacks so you can identify problems, make improvements and be better prepared.”
Global head of security for personal systems at HP Inc, Dr. Ian Pratt, said: “we all need to do more to fight the growing cybercrime machine. For individuals, this means becoming cyber aware. Most attacks start with a click of a mouse, so thinking before you click is always important. But giving yourself a safety net by buying technology that can mitigate and recover from the impact of bad clicks is even better.”
