Cywest Blog

Cywest exists to disrupt the telecom industry by provisioning communication and infrastructure services the way they were intended. We are earnest in our belief that every one of our customer’s networks is important to us, because at the end of the day, it is our network too. It has our name on it, we own it. It is with sincere effort that we not only say, but back up the fact, that we have the best network on the planet.

How Cybercrime and the Dark Web Economy Really Work

Cyrus Nooriala
Posted by Cyrus Nooriala on Oct 19, 2020 10:45:37 AM

While your first mental image of a hacker might be the stock photo of a hooded teenager in a dark basement, most cybercriminals work out of polished organizations with executive teams and abundant staff.

A hooded teen sitting in front of computer monitors in a dark basement committing cybercrime

It’s actually a hooded millennial in a dark server room. Close enough.

Why does it seem like this industry is always thriving?

Cybercrime is booming

That’s because it is. Cybercriminals run such a prolific and productive economy that they’re costing the world hundreds of billions of dollars every year. If that’s too big to wrap your head around, think of how much they profit from data breaches alone targeting giants like Twitter and Walmart.

An economy so large means two things: it’s easy to access their tools and expertise, and the attacks that cybercriminals can engineer are getting more sophisticated, disruptive, and costly by the minute.

In a report on global economic risks for 2020, the World Economic Forum projected their list of biggest technological threats to global commerce for the next ten years. Guess where cybercrime landed in the ranking?

Number one.

And while we fret about those impacts, cybercrime organizations don’t see the same world we’re seeing right now. When they conduct their SWAT analyses, they see global pandemics and panic-inducing global events as opportunities. Opportunities to capitalize on uncertainty and on vulnerable organizations that can’t afford even basic defenses against security breaches.

You study your competitors, right? Now is the time to study your truest enemies: the organizations that are literally stealing from you.

How the cybercrime industry works

A woman opening up a silver laptop on a black reflective table to research the cybercrime industry

From product development and distribution to tech support and QA (and sometimes even customer service), cybercrime organizations do everything that lawful businesses do. And since they act outside the law, they regularly rob other tech companies and exploit their technologies or strategic plans to gain a competitive edge.

Stolen data

In this industry, stolen information is the primary commodity. That can include:

  • Organizational information
  • Personally identifiable information (PII)
  • Authentication credentials
  • Financial data

The resources they use to mine that information include malware—think viruses, ransomware, Remote Access Trojans (RATs), and other malicious software—software or system exploits, control over compromised machines, and threat actor training.

The opposite of cybersecurity services

A white man sitting at a desk with a Mac computer strengthening his cybersecurity

On the services side, cybercrime organizations will sell dark web services such as:

  • Distributed Denial of Service (DDoS) attacks
  • Ransomware as a Service
  • Access to servers
  • Exploit kits (EKs)
  • Infrastructure rental

Let’s look at Ransomware as a Service (or RaaS, if you will). On the dark web, ransomware is sold just like legal software. RaaS providers offer updates, technical support, and even a range of subscription plans. The key difference in these unlawful counterparts to software providers is that they are responsible for unleashing and spreading the ransomware to the customers’ targets.

It’s like getting paid to spread a virus. And in some payment models, these ransomware providers are only paid in commission, i.e. from cuts of the payments received from ransom victims.

How do you defend your organization?

A white man kneeling in front of some computer servers beefing up his company's cybercrime defense

As our friend Will Shakespeare wrote in Henry V, “in cases of defense, 'tis best to weigh the enemy more mighty than he seems.” Spoiler alert—King Henry didn’t defeat the French army with just one longbow and arrow.

There’s no single tool, no piece of software, that will defend you against dark web enemies. But don’t panic just yet. While you think about what you can do about these threats ASAP, consider this two-pronged approach to defensive cybersecurity:

  1. Up-to-date knowledge of the newest threats
  2. Security at the deepest level of your infrastructure

If you don’t want your ransom money to pay for some hacker’s brand-new Lamborghini, find a team that has the knowledge and the infrastructure to protect you.

We aren't just telecommunication IT service providers — we're problem-solvers. Find out how Cywest's custom network design can protect you from cybercrime.

Topics: IT Security, Data Protection, Cyber Security, Cloud Security, Network Security, Data Security, SD-N

Leave Comment