IT Security: Cybercriminals are increasingly embracing a sophisticated business-model approach
Criminal hacking groups can employ HR specialists, marketers, and training gurus.
Cybercriminals can call on an extensive network of specialists for “business” expertise, including people who train and recruit, launder money, and provide escrow services.
The cybercriminal underground includes people who provide human resources functions, like recruiting and background checks, but also specialists who help market and sell exploit kits and compromised data and others who serve as middlemen in anonymous transactions.
Cybercriminals are increasingly taking a business-based approach toward their activities, with some organizations developing in-house training, disaster recovery, and other business functions, and others contracting for those services in the underground marketplace.Cybercrime is maturing as a business model.
Some criminal hacking businesses offer 24-by-seven telephone support, others offer money-back guarantees on their products
Advertising fraud and extortion as types of cybercrime that have high payout potential while requiring relatively little effort and involving low risk to criminals. Hacktivism and credit card fraud are relatively easy and low risk but offer low payout potential.
Organized crime and intellectual property theft, on the other hand, offer large paydays, but can be difficult to pull off and can be risky.
Businesses should take several steps to disrupt cybercriminals. Businesses can disrupt hacker profits by using end-to-end encryption on their sensitive data, and by deploying application security tools.
Many businesses suffering breaches still fail to deploy basic security measures, such as patching software and two-factor authentication.Hackers conduct their own risk analysis on potential targets; if a company looks difficult to attack, they will move on.
Honeypots or deception grids — realistic duplications of a business’ network set up to trap attackers — can also be effective. These duplicated networks are complex but may represent the future of getting ahead of the attackers and disrupting them.
For more information and a personalized IT Solutions business offer, please contact us.
Source: www.itworld.co