The Evolution of Cyber Crime

If you hold valuable information, there will always be criminals looking to steal it for financial gain or a competitive edge. When applied to the field of computers and the Internet, this becomes known as “cyber crime.” Cyber crime is often misunderstood; many people associate it only with the theft of financial data or fraud involving it.

However, cyber crime can involve any information that a criminal can exploit for personal gain, including customer data, intellectual property, personally identifiable information (PII), health records, and financial information.

Spamming for Profit 
As the Internet developed at the beginning of the 21st century, email proved to be a key application. As users embraced email, so did a new character – the spammer. Spammers made millions of dollars per month by promoting products of a dubious nature through unsolicited email. As anti-spam systems blacklisted their servers, spammers discovered that they needed large numbers of fresh computers to continue to deliver spam to inboxes.

By teaming up with malware writers, spammers could use computers infected with malware to send their messages. This new business model fueled the development of botnets, vast numbers of infected machines all under criminal control, to continue to send spam.

Denial of Service Attacks
Innovative minds identified new criminal business opportunities that could be provided by botnets. If many computers access a website at once, the spike in demand consumes the website’s resources, rendering it unable to serve web pages. These denial of service (DoS) attacks could disable a website for days at a time, causing financial harm to the fledgling dot-com industry. Hence the 21st-century equivalent of the protection racket evolved: criminals launched denial of service attacks to disable websites unless the owners paid a ransom.

Anonymous Markets
As legitimate web services grew and flourished, so did criminal services. Criminals found that credentials and personal information could be harvested from malware-infected computers.

Criminal specialists knew how to monetize this stolen information but didn’t necessarily have the specialized skills needed to write and distribute the malware that collects it. This led to the development of underground markets where individuals who could infect computers or collect stolen information could meet and sell their services to those who could capitalize on the stolen data.

As criminals profited from information stolen by malware, nation states began to invest in the development of espionage by malware and the era of the Advanced Persistent Threat (APT) was born. State-sponsored teams of hackers could take the time to invest in stealthy and persistent attacks against chosen targets and steal valuable information for geo-political reasons or economic gain.

Crime-As-a-Service
As technology evolves, cyber criminals are able to make money in new ways, hide their tracks and remain hidden in the shadows. The 2014 Internet Organized Crime Threat Assessment (iOCTA) highlights that a service-based criminal industry is developing to the point where an increasing number of those operating in the virtual underground are starting to make products and services for use by other criminals. The diffusion of a “crime-as-a-service” business model allows cyber criminals without considerable technical expertise to operate.

From Heartbleed and Shellshock to the Target breach and the Sony hack, cyber attacks are daily news and we must remain aware of the lessons from the past and consider how new systems expose us to crime in new ways.

The Internet does not necessarily create new crimes; it merely creates new opportunities for the same crimes to be carried out in a different medium.

There are 4 ways to protect your data to make it harder to obtain and less profitable to attackers.

  • Ensure that the software you use is up-to-date and that the hardware it runs on is kept current.
  • Continuously monitor and log networks and systems to detect patterns and anomalies. This will allow action to be taken before the cyber criminal has a chance to act. Retain security expertise in your organization to proactively and reactively respond to security threats when they are detected.
  • Provide security awareness training for staff to help keep people looking out for attacks.
  • Make sure that firewalls and web application firewalls are in place and correctly configured. This, coupled with encrypting sensitive data, will help with your security strategy.

Cyber crime is constantly evolving, but so are the defenses to counter it. It is up to all of us to ensure those defenses are kept in place.

About the Author

Martin Lee - Intelligence Manager

Martin Lee has more than 18 years of experience in system development and 12 years within the security industry. He researched the latest developments in cyber crime and the impact on organizations. A native of England, he is a Certified Information Systems Security Professional (CISSP) and a Chartered Engineer, with degrees from the universities of Bristol, Cambridge, and Oxford.
