- Ransomware such as WannaCry attack is part of larger models of lucrative “distributed” cybercrime.
- These attacks target as many people as possible, require minimal skills or effort to carry out as attackers take advantage of known vulnerabilities sold in exploit kits on the dark web.
“Attackers using distributed cybercrime tools look at your organization not as a specific target with a specific vault to unlock but, rather, as a cog in a larger money–making machine,” says Gidi Cohen, Co-Founder of Skybox Security.
He advises companies to focus on the “subset of known vulnerabilities posing an imminent threat — those actively exploited in the wild or exposed in your network — will greatly reduce your chances of a damaging cyber attack or data breach,” he explained.
In a recent post, Skybox Security provides a short history of the distributed cybercrime business model. These attackers become “multi-millionaires” quickly because of the many business benefits,” she says, which include:
- Attacks require less effort as they target “low-hanging fruit” (i.e., individuals or organizations with sub-par security)
- Attack skill level is low compared to techniques such as spear-phishing – regular ol’ phishing is good enough for weak targets
- Highly coveted zero-day vulnerabilities are no longer required for profitable attacks – mainstream CVE vulnerabilities with known exploits and existing patches will do, as many victims don’t patch regularly
- Any standard endpoint is a potential source of revenue, making lateral movement toward the crown jewels irrelevant
- When you attack the world, the sky is the limit – the amount of potential revenues is endless
- Less effort and more profit means better ROI