As we become increasingly reliant on technology in our daily lives, the risk of cybercrime continues to grow. While traditional criminal activities such as theft and fraud have long been a part of our society, the rise of cybercrime has introduced new and often more insidious threats. And as the world becomes more interconnected, the commercialization of cybercrime is making it easier than ever for criminals to profit from these activities.
Underground cybercriminal marketplaces are becoming increasingly commodified and are operating like mainstream businesses. Cybercrime sellers are now advertising their services and listing job offers to recruit attackers with distinct skills. Some marketplaces have dedicated help-wanted pages and recruiting staff, while job seekers post summaries of their qualifications and skills.
According to the recently published Sophos 2023 Threat Report, cybercriminals are taking advantage of the commercialization and convenience of cybercrime-as-a-service, which has almost entirely removed any barriers to committing cybercrime.
Ransomware as a service
One of the most significant threats today is ransomware. Ransomware operators have been innovative in their extortion tactics, and the demand for stolen credentials continues to grow. Criminal underground marketplaces like Genesis have long made it possible to buy malware and malware deployment services (‘malware-as-a-service’) and to sell stolen credentials and other data in bulk. Over the past decade, with the increasing popularity of ransomware, an entire ‘ransomware-as-a-service’ economy sprung up. And now, nearly every aspect of the cybercrime toolkit, from initial infection to ways to avoid detection, is available for purchase.
Sophisticated tools on sale by cyber criminals
Sophisticated cybercriminals are now selling tools and abilities that were previously only available to the most sophisticated attackers. For instance, we now see scanning-as-a-service, where buyers can access legitimate commercial tools like Metasploit to find and exploit vulnerabilities. In addition, OPSEC-as-a-service is offered, where sellers provide help to attackers to hide Cobalt Strike infections. The commoditization of cybercrime is transforming the threat landscape, providing more opportunities for any attacker with any skill level.
Job offers for cyber criminals
Underground cybercriminal marketplaces are becoming increasingly commodified and are operating like mainstream businesses. Cybercrime sellers are now advertising their services and listing job offers to recruit attackers with distinct skills. Some marketplaces have dedicated help-wanted pages and recruiting staff, while job seekers post summaries of their qualifications and skills.
Expansion of as-a-service economy
The expansion of the as-a-service economy has incentivized the growth of ransomware and the commoditization of the industry. The demand for credential theft has also increased, with novice criminals using it to gain access to underground marketplaces and begin their careers. As web services expand, various types of credentials, particularly cookies, can be used to gain a deeper foothold in networks, bypassing MFA.
The impact of Ukraine war on cybercrimes
Financially motivated scams increased immediately after the invasion, and nationalism led to a shake-up of criminal alliances between Ukrainians and Russians, particularly among ransomware affiliates. Attackers continue to exploit legitimate executables, using living off the land binaries (LOLBins) to launch various types of attacks, including ransomware. Mobile devices are now at the center of new types of cybercrimes, and attackers are still using fake applications to deliver malware injectors, spyware, and banking-associated malware.
So, are we in more danger?
The short answer is yes. Criminals are increasingly turning to cybercrime as a way to profit from illegal activities, and the commercialization of these activities is making it easier than ever for them to do so. From ransomware attacks that can shut down entire organizations to data breaches that can expose sensitive information, the risks associated with cybercrime are significant and growing.
But it’s not all doom and gloom. As individuals and organizations, there are steps we can take to protect ourselves from these threats. By staying informed about the latest threats and investing in robust security measures, using strong passwords, and using up-to-date antivirus software, we can reduce our risk of falling victim to these attacks.
