8 Ways Hackers Monetize Stolen Data
Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7de9d86fa8f2ac24/64f0d8348e08dfa4cd942516/Slide-1-CoverArt.jpg?width=700&auto=webp&quality=80&disable=upscale)
We are long past the era of the 14-year old teenage hacker trying to spoof a corporate or defense network for the fun of it, just because they can. While that still happens, it’s clear that hacking has become big business.
From China allegedly stealing billions of dollars annually in intellectual property to ransomware attacks estimated to top $5 billion in 2017, data breaches and the resulting cybercrime are keeping CISO and rank-and-file security managers on their toes.
Security teams need to be aware of the full range of what hackers do with this stolen data. The crimes range from stolen IP to filing fraudulent tax rebates to the IRS to setting up a phony medical practice to steal money from Medicare and Medicaid patients and providers.
"Hackers will often start by selling data on military or government accounts," says Mark Laliberte, an information security analyst at WatchGuard Technologies. "People are also bad at choosing passwords for individual services and often reuse passwords, which lets hackers try those passwords on the other websites their victims use."
Paul Calatayud, chief security officer, Americas, at Palo Alto Networks, says medical data has become especially vulnerable because many hospitals and medical practices use the same cloud-based ERP or human resources systems and hackers can piece together information and eventually enter a billing or patient information system.
For this slideshow, we explain how hackers monetize the stolen data. The following list is based on phone interviews with Laliberte and Calatayud.
Once an inventory is created, hackers will package up and sell personal information such as names, addresses, phone numbers, and email addresses. They are typically sold in bulk, mainly to maximize profit. The more recent the records are, the more valuable they are on the black market.
After several months, the hacker will bundle up authentication credentials and sell them in bulk at a discounted price on the dark web. By now, most of the credentials are worthless since the company has most likely discovered the breach and taken steps to fix it. For example, a database containing the entire LinkedIn credentials dump from several years ago is still available, but are for the most part of little value.
Criminal organizations will take stolen identities and file fraudulent tax returns, seeking to receive tax rebates from both state government treasuries and the IRS. In most cases, they piecemeal the data sets, often stealing names, addresses, social security numbers and other financial information separately. But once they have enough data they then file the fraudulent return. While the IRS reports that total fraud losses dropped 14% last year, fraudsters still stole $783 million last year.
We are long past the era of the 14-year old teenage hacker trying to spoof a corporate or defense network for the fun of it, just because they can. While that still happens, it’s clear that hacking has become big business.
From China allegedly stealing billions of dollars annually in intellectual property to ransomware attacks estimated to top $5 billion in 2017, data breaches and the resulting cybercrime are keeping CISO and rank-and-file security managers on their toes.
Security teams need to be aware of the full range of what hackers do with this stolen data. The crimes range from stolen IP to filing fraudulent tax rebates to the IRS to setting up a phony medical practice to steal money from Medicare and Medicaid patients and providers.
"Hackers will often start by selling data on military or government accounts," says Mark Laliberte, an information security analyst at WatchGuard Technologies. "People are also bad at choosing passwords for individual services and often reuse passwords, which lets hackers try those passwords on the other websites their victims use."
Paul Calatayud, chief security officer, Americas, at Palo Alto Networks, says medical data has become especially vulnerable because many hospitals and medical practices use the same cloud-based ERP or human resources systems and hackers can piece together information and eventually enter a billing or patient information system.
For this slideshow, we explain how hackers monetize the stolen data. The following list is based on phone interviews with Laliberte and Calatayud.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024