Who’s going to be the next cyber attacker your organization will be guarding against?
It could be a state-backed hacking group, a cyber syndicate or a cyber activist. But there’s also a good chance that it could even be a non-tech-savvy individual whose hacking skills are limited to downloading apps from the Web, according to Raj Samani, chief technology officer of McAfee Inc. for Europe, Middle East and Africa.
“All you have to do is type DDoS service in Google and the third or fourth item on the search list will lead you to a site selling denial-of-service attacks,” he said.
Among the services they found were being hawked on the Internet were:
- Cybercrime-as-a-service: Includes identification and development of exploits and materials needed to carry out an attack
- Research-as-a-service: Lets customers acquire from targets items such as intellectual property, email address and personal data
- Cybercrime infrastructure-as-a-service: Development of a service than can support cybercrime operations ranging from sending out email spam to DoS attacs
- Hacking-as-a-service: A one-stop-shop solution. Allows customers to outsource an entire attack, from research to infrastructure building to staging the attack
“These services are available to anyone with a credit card,” said Samani. And with the growing popularity of virtual currencies, the possibilities for anonymity has grown larger.
McAfee also found the underground market for exploit brokers continues to grow. While software vulnerabilities have been available commercially for years, brokering services have been doing pretty well lately.
For instance, Samani said, a recent Forbe’s article identifies a person known only as Grugg who acts as a middleman selling exploits to government agencies. The broker was able to sell an Apple iOS exploit for $250,000 and pocketed 15 per cent of the price.
The bot threat
Some of the most serious threats networks face today are "bots," remotely controlled robotic programs that strike in many different ways and deliver destructive payloads, self propagating to infect more and more systems and eventually forming a "botnet."