There’s no doubt that cybercrime is on the increase. That is the message from multiple sources across both the public and private sectors. Indeed, the Federal Bureau of Investigation (FBI) reported a decline in physical crimes such as bank robberies in 2012 as opposed to cybercrime, which has increased at an alarming rate. Clearly, the risk associated with physical crimes, such as bank robberies, contributes to such a shift; cybercriminals enjoy the luxury of carrying out their crimes from a physical location of their choosing.
However, one possible contributing factor to this increase is the ease with which cybercrime tools are available. Moreover, the cybercrime market now affords potential criminals with a multitude of services which means that deep technical expertise is not a prerequisite. Much like cloud computing, the services-based nature of cybercrime allows greater efficiency and flexibility when conducting business.
The ability to provide technology solutions as a service to businesses has allowed organizations to focus on their core competencies.
An unintended consequence of this evolution has been the rise of the as-a-service acronym “aaS” and a marketplace offering multiple variants of hosted services.
Although this approach may seem innovative, the as-a-service model itself is nothing new.
The underground economy established by nefarious cybercriminals has used a services-based model for considerably longer than businesses have enjoyed the benefits of cloud computing.
Although the term Crimeware-as-a-Service may be relatively new, the servicesbased nature of cybercrime has been in effect considerably longer than its descriptive acronym. Moreover, the services based approach extends well beyond hiring individuals to undertake specific tasks (for example, coding an exploit), with a broad variety of products and services available either to buy or rent.
This paper analyzes the growth of the “as-a-service” nature of cybercrime. In particular, it focuses on the evolving manner in which the various actors advertise their services and on the multitude of services now available along with their associated costs. What has become evident is that the marketplace contains many stakeholders, ranging from formal, legitimate organizations selling vulnerabilities to parties that meet their strict eligibility criteria to underground websites that allow individuals to offer illegal services.
The focus on cybercrime at a global level by law enforcement has led to “as‑a-service” models for illegal activities going even deeper underground.
Such underground platforms are implementing stronger mechanisms to ensure that participants are who they purport to be (or at the very least are not law enforcement officials). Ironically, while the platforms that facilitate the services marketplace for illegal activities are going deeper underground, the trade in zero-day vulnerabilities is more transparent than ever before.
This paper provides insight into the cybercrime marketplace and presents pricing schemes for the services offered. Clearly, these prices will differ based on the sources. One point, however, must be clear: much like law enforcement partners around the world, EC3 European Cybercrime is relentless in the pursuit of criminal groups or networks
who steal your money, your information, or your identity and of those who engage in online abuse of children.
By Raj Samani, Vice President and CTO, EMEA, McAfee and François Paget, Senior Threat Research Engineer, McAfee Labs
Please download the full Cybercrime Exposed Whitepaper (PDF)