Facebook Twitter Instagram
    Trending
    • 5 Ways Technology Makes Your Business Efficient
    • The Journey from Tech Side Project to Return on Investment
    • Top 3 Best Tech Advancements to Help You De-Stress
    • Advancements in Car Technologies Affecting Infrastructure Development
    • David Marcus Talks about the Blurred Lines in Cybersecurity
    • Audi and the Massive Automotive Changes Between 2025 and 2030
    • How to Deploy Managed IT Services in a Mixed Mac and Windows Environment
    • 5 Tech Developments That Have Revolutionized Investing
    TechSpective
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    • News & Analysis
      Featured
      March 6, 20211

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      April 9, 2021

      CISO Panel Discussion Weighs in on Cybersecurity in the Digital Age

      April 2, 2021

      FTC vs. Qualcomm: Did Apple Illegally Influence The FTC?

      April 2, 2021

      A Look at Microsoft Mesh

    • Business
      Featured
      March 6, 20211

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      April 21, 2021

      5 Ways Technology Makes Your Business Efficient

      April 21, 2021

      The Journey from Tech Side Project to Return on Investment

      April 19, 2021

      How to Deploy Managed IT Services in a Mixed Mac and Windows Environment

    • Security
      Featured
      March 7, 20211

      Pandemic Unmasks Vulnerability to Automated Bot Attacks

      Recent
      April 13, 2021

      Shashi Prakash Chats about Cryptocurrency and NFT Fraud

      March 30, 2021

      Exploiting Embedded Linux Devices Through the JTAG Interface

      March 28, 2021

      Zero Trust for Data

    • Microsoft
      Featured
      September 12, 20201

      The Microsoft Surface Duo: The Communications Device for Those That Think Different

      Recent
      September 12, 2020

      The Microsoft Surface Duo: The Communications Device for Those That Think Different

      July 13, 2020

      Learning from the Microsoft Store Failure

      May 15, 2020

      The Microsoft Surface Earbuds: How Many Ways Can You Say “Awesome!”?

    • Podcasts
    • Technology
      Featured
      March 1, 20212

      Could Home Study Be Better for Education? Using Technology to Craft a Better Tomorrow

      Recent
      April 21, 2021

      Top 3 Best Tech Advancements to Help You De-Stress

      April 20, 2021

      Advancements in Car Technologies Affecting Infrastructure Development

      April 19, 2021

      Audi and the Massive Automotive Changes Between 2025 and 2030

    • Reviews
      Featured
      March 4, 20210

      Dell’s UltraSharp 40 – Improving Work and Workplaces with Monitor Innovations

      Recent
      8.0
      March 29, 2021

      Review: Peril Protect

      10.0
      March 15, 2021

      Review: Tesla Puddle Lights

      9.0
      March 13, 2021

      Review: Ubiquiti UniFi Dream Machine Pro

    TechSpective
    You are at:Home»Security»Botnet»The Consumerization of Cybercrime
    cybercrime
    Image from Pixabay

    The Consumerization of Cybercrime

    1
    By Christine Barry on March 14, 2017 Botnet, Data Breach, Data Loss Protection, Malware, Security, Security Awareness

    If anything has been clear in the last couple of years, it’s that the barriers to becoming a successful cybercriminal keep coming down. Internet connectivity is more accessible, technology is more affordable, and traditionally ‘dumb’ devices are smarter. This has opened up a world full of opportunity for folks who want to make some easy money or have their mind set on punishing some political or personal targets.

    To avoid getting into a long history of computer crime and the origins of the term ‘hacking,’ let’s say that modern(ish) cybercrime started in the 1970’s. This is the decade when email was born, Bill Gates wrote some code, and Kevin Mitnick broke into his first major computer system. Through the 1970’s, and most of the next three decades, cybercrime was for those who had inside access or advanced knowledge of how computers worked. Closed networks and BBS systems eventually gave way to worldwide Internet connectivity and increasingly affordable household access. While most Internet users were limited to the features provided by web browsers and applications like AOL, those with advanced skills were pushing boundaries and breaking laws.

    Today the successful cybercriminal doesn’t have to be highly skilled or have privileged access to a system. The community of criminals on the Internet has made it possible for almost anyone to join them.

    Script kiddies

    Anyone who is able to download a piece of software or copy and paste some script is able to join the ranks of the ‘script kiddie,’ or ‘skiddy.’ This the low-skilled ‘hacker’ who uses the work of others in order to find and exploit vulnerabilities in other systems. They often leave significant tracks back to their own systems because they have only a basic understanding of what they are doing. Despite their relatively low skills, they have been responsible for significant damage with the politically motivated attacks against Amazon.com, MasterCard, Visa and PayPal.

    Consumers of criminal services

    There is a huge ecosystem of retail criminal services that makes cybercrime accessible to a broader and lower-skilled market. Consumers who purchase these services need only to pay a fee and provide a target. One example of this is the 2015 attack using the ‘DDoS for hire’ service LizardStresser. Six teens were arrested for hiring the service to attack a variety of retailers and other websites. Although some of the LizardStresser creators were arrested, the tool remains online and available for amateurs to use. Consumers of these services may be script kiddies, disgruntled former employees who want ‘revenge’ on a company, or even higher-skilled cyber criminals who want to use someone else’s infrastructure for an attack.

    The hybrid criminal

    And then there are the folks who are planning their own attack but need assistance with certain tasks. These folks are the ones who use services like Satan Ransomware-as-a-Service, where a criminal can log in to the Satan website and use the developer’s tools to customize the attack. The Satan site offers custom ransom configuration and payment tracking, and even provides malware tutorials to help with payload delivery. Once the ransomware is customized, the ‘customer’ then distributes it using his own spamming system.

    Obviously the modern cybercriminal doesn’t need to have a lot of skills to wreak a lot of havoc. This ‘consumerization of cybercrime’ has created a much larger group of threat actors than we’ve ever seen before.

    What does it mean?

    Fortunately for the industry, many of the threat actors referenced above can be stopped simply because they use outdated or predictable techniques. Barracuda security solutions are able to stop threats like this with sandboxing and Advanced Threat Detection (ATD). New threats are found and neutralized quickly by the IT security industry, but ultimately the last line of defense is the user. Unfortunately, the user is almost always the weakest link in network security.

    As I mentioned earlier, even low-skilled disgruntled employees and former employees can create a cyber risk to a company. While that is a valid threat scenario, most companies are more likely to suffer from an employee who isn’t malicious at all. Each careless employee is a point of vulnerability, and the threat actors welcome the assistance. According to this article, the average cost of a data breach is about $6.2 million, but only 45% of surveyed companies make security training mandatory for employees. 29% of those companies allow senior level executives to skip the training, which means that the most privileged users may not be getting any training at all.

    IT staff clearly need some top-down help in order to create a culture of mindfulness when it comes to security. Installing insecure smart devices, using the corporate password for personal accounts, ignoring the dangers of suspicious links, etc., are habits that can be changed with model behavior and enforcement. With so many malicious actors launching attacks into the wild, you can’t afford to let your last line of defense be your weakest link.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleIBM Builds the Case and Market for Quantum Computing
    Next Article Cisco Spark Board: The Potential for the First AI-Powered Smartboard
    Christine Barry
    • Website

    Christine Barry is the Chief Blogger and Social Content Manager for Barracuda Networks. Connect with her on LinkedIn at https://www.linkedin.com/in/clbarry/

    Related Posts

    The Journey from Tech Side Project to Return on Investment

    Shashi Prakash Chats about Cryptocurrency and NFT Fraud

    CISO Panel Discussion Weighs in on Cybersecurity in the Digital Age

    Comments are closed.

    Site Sponsors
    Qualys
    Intel
    Adobe
    PopSpective
    Coffee and Politics
    DevOps.com
    • Technology
    • Popular
    • Top Reviews
    April 21, 2021

    Top 3 Best Tech Advancements to Help You De-Stress

    April 20, 2021

    Advancements in Car Technologies Affecting Infrastructure Development

    April 19, 2021

    Audi and the Massive Automotive Changes Between 2025 and 2030

    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    9.7
    November 16, 2018

    Review: BlackVue DR900S-2CH Vehicle Dash Cam

    9.5
    September 2, 2015

    Review: Microsoft Band

    May 27, 2014

    Protect your family photos with ScanMyPhotos

    Popular Posts
    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    PopSpective
    Adobe
    PopSpective
    Adobe
    About

    TechSpective covers technology trends and breaking news in a meaningful way that brings value to the story, and provides you with information that is relevant to you. We offer in-depth reporting and long-form feature stories, as well as breaking news coverage, product reviews, and community content in plain English terms, and with a unique perspective on technology.

    Qualys
    © 2020 Xpective, Inc.
    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact

    Type above and press Enter to search. Press Esc to cancel.