Last month was the start of a five-part series for this column about the cyber threats facing individuals and businesses in our region. As noted previously, the top threats in 2019 include geopolitical actors, evolving cybercriminals, ransomware, supply chain threats, and cloud vulnerabilities.
Each threat could have a negative impact on you individually and to your organization. If you aren't protecting yourself and your business, now is the time to do something.
Accenture iDefense Security released its 2019 Cyber Threatscape Report with the top five threats faced. Last time we focused on the first threat: "Compromising Geopolitics: New threats emerge from disinformation and technology evolution." This month, the focus will be on the second threat: "Cybercriminals adapt, hustle, diversify, and are looking more like states."
Over the last 25 years, cybercriminals have changed their tactics and structure. In 1995, Kevin Mitnick was arrested by the FBI for computer hacking and wire fraud over a two-and-a-half year period. Mitnick later testified before the U.S. Senate that he considered himself an "explorer" of the computer networks and not a criminal. The perspective of the cybercriminal has changed a great deal in 25 years.
Cybercriminals are better organized, better focused, operate similar to a business organization, and expect a return on their investment.
To describe the changes occurring among cybercriminals, the analysts at Accenture iDefense broke down these changes into four different categories: conventional cybercrime operations; localized cybercrime; targeted attacks; and "hack 'n hustle."
In the past, conventional cybercrime operations included buying and selling hacking tools via open forums on the dark web.
For example, a person with little technical knowledge could visit one of the forums and purchase a hacking tool created by someone with much more experience. Since the forums were open, law-enforcement agencies have been able to find the forums as well.
With multiple takedowns, the study found that criminal organizations are shifting to a closer-knit structure. Instead of using the open-forums, it's closer to the structure of a nation-state or crime syndicate.
The second category, localized cybercrime, is similar to localized common crime. It takes advantage of local knowledge such as the technology culture, along with the "social, political, legal, and economic environment." This type of activity is seen in many areas of the globe, especially in China, where technology developments and innovation are occurring quickly.
One description of targeted attacks is "Big Game Hunting," with criminals are using common malware and "off-the-shelf" hacking tools to target specific individuals or organizations. This activity can be time extensive and expensive, but can also have a tremendous impact, if successful.
A recent example is that of Amazon's Jeff Bezos. There are differing accounts of who targeted him, whether it was a nation-state, a private organization or criminal organizations. Regardless of the hacker, Bezos was targeted due to his publicity. Organizations and individuals may be targeted due to ideology, publicity, or even monetary gain.
According to Accenture iDefense, the past few years have seen a significant increase in "hack 'n hustle," the sale of compromised networks on the black market. For years, networks were compromised to steal information to sell the information stolen on the black market.
Criminal organizations have made a lot of money by stealing personal information from their victims, and the number of breaches occurring for financial gain is increasing. The sale of remote access to organizations without the knowledge of the victim is another tool in the hacker's toolbox and another concern for organizations.
Despite the successes seen by law enforcement over the months, cybercriminal activity is increasing. Unfortunately, these illegal activities are profitable for criminal organizations. The results of the study and its analysis reveal that not only will these activities continue, but the bad guys are improving their methods of avoiding detection.
This sounds bad, right? Honestly, cybercrime is a serious problem facing our world. Whether your organization is large or small, creates large profits or small, or very public or private, your organization must continue to improve the protections, procedures, and tools being used to protect itself.
Perhaps, there was a time when utilizing anti-virus software may have been sufficient to protect your computer or a time when the criminal required physical access to your building to be a threat. Regardless, that is not the case now. As criminals are growing in sophistication, so must you. There are many examples of data breaches against small businesses in our region. Our region and your business are not immune to the cybercrimes and threats described in the column.
If you have considered upgrading your network or improve the tools being utilized, now is the time.
If you or your organization has no cybersecurity protections, now is the time to do something.
Michael Ramage is the director of the Center for Computer and Information Technology at Murray State University. He can be reached at firstname.lastname@example.org or 270-809-3987 for more information.