As the amount of data stored digitally continues to increase exponentially and business organizations depend more and more on digital solutions, IT pros responsible for the protection of that data should be fully aware of the potential threats from hackers, spammers, and phishers. This includes understanding the dangers presented by both corporate email accounts and social media accounts of employees, both of which are incredibly attractive to hackers.
The cybercrime marketplace is thriving, with practitioners offering services that include the hacking of email and social media accounts, launching DDoS attacks, and even providing full business dossiers for companies and organizations. Incredibly, some players in this increasingly sophisticated underground market are even competing against one another, with sales pitches that include great customer service, extended business hours, free trials, and money-back guarantees. Sound crazy, it’s not. Cybercrime is a very lucrative business these days.
These eye-opening trends are revealed in the Underground Hacker Markets Report from Dell SecureWorks. The 2016 report, the third in a series, delves into the numerous underground hacker forums and marketplaces around the world to convey a sense of what is happening in cyber crime. Whether hackers are the DIY type or want to hire someone to do their dirty work for them, there are a plethora of options.
The authors of the report suggest that while the majority of cybercrime takes place away from the sight of these publicly accessible marketplaces, their research gives valid insight into the world of the cybercriminal. With a focus on marketplaces located in the Russian underground and English-speaking marketplaces, the study revealed some interesting—some might say frightening—issues which should definitely make companies sit up and take notice.
Hacker Goods and Services for Sale
The report begins with a price list compiled from the research. The list of goods and services offered by cybercrime shops is comprehensive and includes:
- Hacking email and social media accounts, both personal and corporate
- Website hacking and DDoS attacks
- Credit card details across a range of providers and countries
- Hacking tools such as Remote Access Trojans and crypters
- Personal identity details including passports, Social Security cards, and drivers’ licenses
- Online account credentials and bank account details (for fees ranging from 1% to 5% of account balances)
- Airline and hotel point balances
Want to learn how to do it yourself? You can, thanks to hacking tutorials available for just $20.
The researchers also identified that the practice of ATM skimming continues to thrive. Skimming devices are for sale at a starting price of $400, with additional options for Bluetooth, cameras, and GSM also available at vastly inflated rates over the already high street prices. One seller even offers a package of 3D design files of skimmer fronts for ATMs and a connection to a 3D printing factory, all while promising buyers the following: “Don’t worry as the factory is cheap and discreet, and all the pieces are custom made and tested in the real world, [sic] every piece have been designed to fit perfect, [sic] this is no bull.”
Hackers for Hire
The study found there is no shortage of hackers willing to hack into the email account of your choice, with a promise of results within a few hours and evidence of a “smooth operation.”
A typical service offers access to all websites registered by the email account owner, as well as access to social media accounts, personal correspondence, and confidential data of the victim. The service also affords the ability to make changes to and even delete the email accounts. Rates for these hacking services are quoted at around $129 for the hacking of a Gmail, Yahoo, or Facebook account and $500 for access to a corporate email account.
Also available is the disruption of web services by way of Denial of Service (DOS) attacks. One set of hackers promote their DOS skills with the promise that “their service is a quick solution to your problems with competitors and enemies,” according to the report.
Like in any other market perks such as discounts, money-back guarantees and 24/7 support are available. One hacker goes as far to state that the services “do not violate the law.” That is a claim that has no doubt created some amusement on the part of the SecureWorks security experts and report authors. Rates are said to start at $5 per day up to $1000 per month, with short free trials offered for the skeptical customer.
Business Intelligence Available
The report also suggests that hackers can provide full business dossiers of companies located within the Russian Federation. Details are said to include bank credentials and log-ins, original legal documents, and tax details. In some cases, the passport details for the officer affiliated with the bank accounts, along with the associated business phone numbers, can be made available. Prices for business dossiers of Russian companies range between $547 and $822.
The SecureWorks team report they have never before seen business information of this kind for sale from any company, let alone for Russian organizations. Given the focus of this report on the Russian underground, it doesn’t seem unreasonable to conclude that the same level of business intelligence is being sourced elsewhere.
Customer Satisfaction Guaranteed
One interesting feature from the report concerns the efforts hackers are making to differentiate themselves from their competition by offering a high level of customer service. Here is a sample from the report of the type of claims made by sellers in the cyber crime market:
- “Professionalism. We are working with only the best technologies and developments.
- We are constantly improving our technology in this area and are adopting new advanced solutions.
- Our expertise allows us to exploit various vulnerabilities on the target servers, making our attacks the most effective.
- With the continuous improvement of our technology we have huge abilities.
- You can be sure that any information regarding your order will not be shared with a third party.
- We provide conditions for the repayment of funds, if you are not entirely satisfied.
- Provide free-trials attacks on web servers.
- We are Trustworthy and Professional.”
It’s fascinating to see claims of honesty and trust in a market that promotes what appear to be criminal activities.
Protective Measures to Defeat the Hackers
Of course, if you are more aware of potential risks you are better prepared to mitigate them. In this respect, the report also reminds us of the steps that businesses must take to reduce the threat that such organized hackers present. These include-
Build strong defenses. Firewalls should be present and intrusion protection/detection systems deployed. Host intrusion prevention systems and advanced malware solutions should be employed, while email communications should be encrypted. Security intelligence should be monitored to keep up-to-date while 24/7 monitoring across web sites and networks can identify potential threats.
Implement security solutions. Endpoint security solutions should be implemented to monitor whether activities are malicious or not. Solutions should be able to monitor across process creations and associated files to assess for known and unknown threats.
Educate employees. It is critical to constantly talk with, educate, and train employees so that they can identify and avoid potential threats email and social media accounts present, and be aware of the dangers of clicking on unknown links. They are a critical line of defense in the company’s ability to avoid phishing attempts and other breaches.
Implement sound practices. The report also recommends the application of good practices for an organization, such as the use of two-factor authentication processes to add an extra layer of security in case login credentials fall into the wrong hands. Restricting the allocation of administrator rights, regular backups, and effective contingency plans are also highly recommended.
The study concludes that the market for cybercrime is booming, as evidenced by the thriving underground forums that they were able to examine. That is likely just the tip of the iceberg, so the onus is on businesses and other organizations to implement these good practices and keep their data secure.
Does the prospect of a security breach keep you up at night? Did you know that so much of this nefarious activity could be, and is being, purchased—and at such a low price? Most IT pros we speak with are on guard constantly, but the reality is that there’s really no end in sight as it relates to cybercrime. The hackers keep getting smarter and businesses need to do the same. Easy to say, not always as easy to do.
The full report is a terrific read and available to download (registration required) at 2016 Underground Hackers Market Annual Report
Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”