Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

4/13/2020
10:00 AM
Marc Wilczek
Marc Wilczek
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Cybercrime May Be the World's Third-Largest Economy by 2021

The underground economy is undergoing an industrialization wave and booming like never before.

As organizations go digital, so does crime. Today, cybercrime is a massive business in its own right, and criminals everywhere are clamoring to get a piece of the action as companies and consumers invest trillions to stake their claim in the digital universe.

That's why the World Economic Forum's (WEF) "Global Risks Report 2020" states that cybercrime will be the second most-concerning risk for global commerce over the next decade until 2030. It's also the seventh most-likely risk to occur, and eighth most impactful. And the stakes have never been higher. Revenue, profits, and the brand reputations of enterprises are on the line; mission-critical infrastructure is being exposed to threats; and nation-states are engaging in cyber warfare and cyber espionage with each other. 

Putting things into perspective: Walmart, which racks up America's greatest firm earnings, generated a mind-blowing $514 billion in revenue last year. Yet cybercrime earns 12 times that. Both sell a huge variety of products and services. In fact, in terms of earnings, cybercrime puts even Tesla, Facebook, Microsoft, Apple, Amazon, and Walmart to shame. Their combined annual revenue totals "just" $1.28 trillion. 

The cybercrime markets have also split up into groups as the bad guys take pains to gather in secretive, exclusive discussion boards to avoid scrutiny from police and fraudsters. Their constantly evolving portfolio of cybercrime services includes everything from distributed denial-of-service (DDoS) attacks and malware to phishing campaigns, Trojans, and massive stolen data sets — all available to anyone who's willing to pay for them.

Cybercrime is undergoing an industrialization wave and offers everything that a regular legal company does: product development, technical support, distribution, quality assurance, and even customer service. Cybercriminals rob and then sell new technologies or secret strategic plans that will give their buyers an edge over their competitors. Hackers steal military secrets, renewable energy innovations, and more. 

Cybercrime Is a Team Effort
Cybercrime is a growing concern and also less risky than committing traditional crimes such as bank robbery. In fact, the WEF says that in the US, the likelihood of catching cybercrime actors and hauling them into court is estimated to be as low as 0.05%.

With a smoothly operating team flogging a broad set of services, cybercriminals can earn roughly 10% to 15% more than their traditional counterparts. But there are yawning gaps between the revenues that different hackers pull in. It depends on the job, the risk they incur, and how many people work for the organization. The top earners can rake in more than $2 million per year.

Some people imagine that the average hacker is a geeky teenager in a hoodie hiding out in a dark basement. Some of them might be this way, but today's cybercriminals are more polished: They do everything from recruit staff to appoint executives. Some groups even have public personas who ensure the hacker group maintains its sterling reputation. This is important on the Dark Web, where hackers transact most of their business.

The United Kingdom's National Cyber Security Centre (NCSC) has highlighted that organized cybercriminals have different roles to make their operations run smoothly. There are "team leaders" who coordinate the work and are responsible for staying one step ahead of the law. They guide the "data miners," the people who systemize stolen data; "coders" who write and alter malicious code; and "intrusion specialists," who infect and infiltrate target companies. Further, "call center agents" phone people and pretend to be computer support staff; their job is to install malware on the victim's computer. "Money specialists" launder money.

Most Popular: Ransomware and DDoS Extortion
According to Europol, exploit kits are no longer the top products, but their replacements are not proving to be as sophisticated or popular. Theft via malware has been declining as a threat; in its place, the cybercriminals of today use ransomware and DDoS extortion, which are easier to monetize.

For example, take booter services. These are mercenary DDoS soldiers who use large-scale botnets or manipulated cloud accounts to produce a malicious flood of data that stops IT cold. Their attacks can last for days and cost anywhere between $10 for a small attack to thousands of dollars for more complex jobs. They can be part of a ransom scheme, vandalism, or sabotage, or simply a way to disguise a multivector attack while occupying the victim's IT resources. The University of Cambridge has found that such assaults have become so common that their purchasers even include school-age children.

Europol's "Internet Organised Crime Threat Assessment 2019" report describes how DDoS attacks are one of the most serious threats facing global business. The preferred DDoS targets of criminals last year were banks and other financial institutions, public organizations such as police departments, and local governments. Travel agents, Internet infrastructure, and online gaming were also favorite victims. Some bad actors were arrested, but they failed to make a dent in the growth rate of DDoS attacks or on the Dark Web infrastructure that makes them possible, according to Europol.

A New Paradigm
Digital services are essential to organizations of all sizes, from small online shops to global giants. If services are annoyingly slow or offline for hours or even days, the firm's revenue and reputation will take a hit. Once, it took a while for news about this sort of disruption to get around, but those days are gone. Today, everyone knows everything almost instantly. That's why using botnets are cash cows for cybercriminals: They can use them in DDoS attacks to extort money from website owners by threatening attacks that will take out their services.

Awareness of this and other risks is growing, and more companies are spending on cyber-risk management. Nevertheless, the WEF says that cybersecurity spending is still far from what it needs to be, given the scale of the threat.

Related Content:

A listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19. 

Marc Wilczek is a columnist and recognized thought leader, geared toward helping organizations drive their digital agenda and achieve higher levels of innovation and productivity through technology. Over the past 20 years, he has held various senior leadership roles across ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
AaronsCC
50%
50%
AaronsCC,
User Rank: Apprentice
4/14/2020 | 6:11:01 AM
Re: Pending Review
Foreign-originating hacking should be treated as an act of war. Industrial espionage and sabotage are the acts of spies. In war, spies are executed and don't go to trial. We need cyber bounty hunters. Until there is sufficient deterrence, they won't choose honest work.
EGSchwartz
100%
0%
EGSchwartz,
User Rank: Apprentice
4/13/2020 | 6:30:54 PM
Sketchy Data for the $6T Number
I appreciate the intent behind the article, but candidly the WEF report references highly susptect data to come up with the $6T number.  The only source referenced in the WEF report is a Forbes contributor article that in turn references a security vendor report from an MSS provider.  I don't think of this forecast as reliable, scientific, or comprehensive.
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29144
PUBLISHED: 2020-11-27
In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or e...
CVE-2020-29145
PUBLISHED: 2020-11-27
In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group. In most test cases, session hijacking was also possible by utilizing t...
CVE-2020-29136
PUBLISHED: 2020-11-27
In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
CVE-2020-29137
PUBLISHED: 2020-11-27
cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577).
CVE-2020-29135
PUBLISHED: 2020-11-27
cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567).