News

Researchers analyze the organizational structure of cybercrime syndicates

The stereotype of a hacker who works alone in a room lit only by the computer screen may be outdated in light of new trends bringing hackers together. It may be somewhat surprising to learn that the organizational structure of cybercriminals mirrors that of the businesses that they target. According to Fortinet's 2013 Cybercrime Report, many syndicates are run by hierarchies that are parallel to the corporate world.

Most hacker groups are driven by the same motivations as businesses, with profit and retribution appearing as lead objectives. As a result, Fortinet analysts likened the leadership of cybercrime syndicates to that of executives tasked with ensuring smooth operations.

In addition, these groups employ profitability frameworks to remain functional. Analysts identified two primary models through which malware developers generate revenue. Through "pay-per-click," money is doled out for generating traffic on an advertising website. The "pay-per-install" model gives rewards for the number of machines infected by malicious software.

Just as cybercriminals are organized in deploying their attacks, businesses must take an organized approach to preventing them.

"That means developing a comprehensive and layered security strategy that consists of a variety of elements, including intrusion prevention, botnet and application control, web filtering, antispam, and antivirus," Fortinet suggested. "It is also incumbent upon an organization to educate its users about security best practices, while creating adequate enforceable mechanisms for security policy violations."

Sharing cybercrime data
One of the advantages the cybercriminal has is that separate groups are encouraged to share threat information. Cybersecurity journalist Brian Krebbs looked closely at the market for stolen passwords in a December blog post.

"At the forefront of this trend are the botnet creation kits like Citadel, ZeuS and SpyEye, which make it simple for miscreants to assemble collections of compromised machines," Krebbs wrote. "By default, most bot malware will extract any passwords stored in the victim PC’s browser, and will intercept and record any credentials submitted in web forms, such as when a user enters his credit card number, address, etc. at an online retail shop."

In some cases, credentials were sold individually. However, Krebbs noted one instance of six GB worth of botnet data being offered for $150. A significant amount of the information came from ecommerce businesses, suggesting that more stringent website security practices could be helpful for online retailers.

With cybercriminals casting wider nets to steal customer data, businesses stand to gain trust from securing their websites throughout. Get your SSL certificate today to protect data in-transit. 

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Buy now! Try now!