Why Distributed Cybercrime Is Lucrative

CyberPrivacy Brief:

  • Ransomware such as WannaCry attack is part of larger models of lucrative “distributed” cybercrime.
  • These attacks target as many people as possible, require minimal skills or effort to carry out as attackers take advantage of known vulnerabilities sold in exploit kits on the dark web.

 “Attackers using distributed cybercrime tools look at your organization not as a specific target with a specific vault to unlock but, rather, as a cog in a larger money–making machine,” says Gidi Cohen, Co-Founder of Skybox Security.

He advises companies to focus on the “subset of known vulnerabilities posing an imminent threat — those actively exploited in the wild or exposed in your network — will greatly reduce your chances of a damaging cyber attack or data breach,” he explained.

In a recent post, Skybox Security provides a short history of the distributed cybercrime business model. These attackers become “multi-millionaires” quickly because of the many business benefits,” she says, which include:

  1. Attacks require less effort as they target “low-hanging fruit” (i.e., individuals or organizations with sub-par security)
  2. Attack skill level is low compared to techniques such as spear-phishing – regular ol’ phishing is good enough for weak targets
  3. Highly coveted zero-day vulnerabilities are no longer required for profitable attacks – mainstream CVE vulnerabilities with known exploits and existing patches will do, as many victims don’t patch regularly
  4. Any standard endpoint is a potential source of revenue, making lateral movement toward the crown jewels irrelevant
  5. When you attack the world, the sky is the limit – the amount of potential revenues is endless
  6. Less effort and more profit means better ROI

Further Reading:

Distributed Cybercrime A Growing Threat To Factories, Infrastructure

Staying Ahead of The Distributed Cybercrime Threat

 

Please leave us a comment

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s