The Cybercrime Economy Is Fueled by Automation. Here’s How to Fight Back
Cybercrime is big business. A recent study by Atlas VPN found that cybercriminals rake in more than $1.5 trillion in revenue annually — triple the earnings of retail giant Walmart. If you count all the global costs of cybercrime, it would be equivalent to the world’s third-largest economy, according to Cybersecurity Ventures.
Cybercrime is lucrative because it is operated like a business. The most profitable cybercrime organizations have top-down hierarchies with executive leadership and human resources staff. Stolen credentials and exfiltrated data are marketed on the dark web, along with malware, exploit kits, bulletproof hosting and cloud-based attack services.
Like any business, cybercriminal organizations make investments to enable growth. According to the World Economic Forum, cybercriminals reinvest about $1 trillion each year in the development of new hacking techniques and cyberattack weapons. By contrast, legitimate organizations spend just $145 billion annually on cybersecurity.
Automation is a key area of investment for cybercriminals. Automated tools enable hackers to execute more cyberattacks with less risk. To counter these threats, organizations need to invest in automated cyber defenses and the expertise to take full advantage of them.
How Cybercriminals Use Automation
Insikt Group has released a new report on “Automation and Commoditization in the Underground Economy.” In it, the veteran threat researchers analyze several types of tools that cybercriminals are using to automate tasks. Here’s a look at four of them:
- Keyloggers monitor a user’s keystrokes to capture credentials, payment card data and other sensitive personal information. Some go further to record calls, text messages, GPS positioning and more. The data is automatically sent back to the hackers via email or upload to a website or database.
- Brute-force checkers perform a series of steps to validate or access passwords for thousands of user accounts. For example, the automated script test to see whether an account exists then attempts to use passwords stolen from another attack to access the account.
- Crypters and loaders work together to install malware while evading security tools. Crypters user encryption to disguise malicious code while loaders execute the malware on the victim’s system. Because this requires some technical skill, less-experienced hackers often purchase these tools on the dark web.
- Exploit kits are used to detect vulnerabilities, such as unpatched software, on a victim’s system then launch one or more attacks that exploit those vulnerabilities. The “kit” includes everything the hacker needs to carry out the attacks depending upon the vulnerabilities that are found.
Increasingly, cybercriminals are offering these tools as-a-service. A subscription comes with user support and regular updates as security tools become effective at detecting older techniques. This further lowers the barrier to entry into cybercrime.
Automation is a key area of investment for cybercriminals.
How to Beef Up Your Cyber Security Defenses
Clearly, basic security tools are no match for these automated threats. Your organization needs advanced protection in a layered security approach. It all starts with a next-generation firewall and intrusion prevention system to protect the network perimeter. You then need tools that work in tandem to block phishing, malware, ransomware and blended attacks. These tools should continually monitor your environment to detect attacks that get past initial defenses.
But the best tools are only as good as the people who utilize them. That’s why GDS includes 24x7x365 monitoring and management with all of our security solutions. Our expert managed IT team will analyze alerts and quickly respond to security incidents to contain the attack and minimize damage.
Cybercrime is a multitrillion-dollar global economy that’s fueled by significant investments in automated attack methods. GDS can help you fight fire with fire through our sophisticated suite of security solutions.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.