Commercialization of cybercrime leading to rising global threat of Cyber outsourcing or Cybercrime-as-a-Service

Cybercrime is the greatest threat to every company in the world, and one of the biggest problems facing mankind. Beyond a nefarious hobby, cybercrime has become a way for cybercriminals to earn a living. While it remains underground, it is a business nonetheless: attackers cooperate and work to maximize profits and minimize the risk of arrest. Over the past 20 years, cybercrime has become a mature industry estimated to produce more than $1 trillion in annual revenues.

 

The impact on society is reflected in the numbers. Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

 

The rapid rise of cybercrime and cybercriminals has led to widespread adoption of cyber outsourcing, or the “as-a-service” model for cyber attacks, wherein the attacker can purchase the desired “service” through the dark web without so much as a cursory understanding of what is involved in its execution. The anonymity of the darknet, through Tor and Bitcoin, protects the bad guys from being easily identified and prosecuted.

 

Cybercrime-as-a-service (CaaS) helps bad actors and cybercriminals with an expanding range of resources, tools and technologies, from exploit kits to ransomware, to build threats and launch attacks. A large number of malicious sites offer a wide range of services for cybercriminals to leverage.

 

Recently, Saudi Arabia hacked into the phone of Amazon.com Chief Executive Officer Jeff Bezos, investigators have alleged, and the oil-rich nation likely utilized its preferred method of cyber espionage: outsourcing. The Middle Eastern nation’s cyber arsenal is believed to be primarily composed of outsourced espionage tools, which it has combined with disinformation tactics on social media, they said. These purchased weapons can be “highly sophisticated, but of limited scope,” according to Jon Bateman, a cybersecurity fellow at the Carnegie Endowment for International Peace. While Saudi Arabia has tools that can be technically complex, countries that have invested in developing indigenous offensive and defensive capabilities — such as Saudi Arabia’s Middle Eastern neighbors Iran and Israel .

 

The purchase of cyber weapons — including from marketplaces in the Middle East and Europe, and possibly from criminals — isn’t unique to Saudi Arabia, experts say. Other countries, such as Vietnam and the United Arab Emirates, have also utilized their defense budgets to outsource cyber arsenals.

 

Many countries are utilising the services of so-called Advanced Persistent Threat (APT) groups that are allied with and funded by nation-state agencies, but not embedded within them. These groups and entities double-hat their activities, conducting likely state-mandated operations while freelancing for personal gain as well. They are vulnerable to playing into the hands of terrorists seeking to develop a cyber “dirty bomb” that could be used to attack critical infrastructure.

 

Lt.-Gen Vincent Stewart, former deputy chief of U.S. Cyber Command and director of the Pentagon’s Defense Intelligence Agency, warned that Israel and the West are vulnerable to the cyber equivalent of a “dirty bomb.” There is also a threat of terrorists employing cyber outsourcing or Cybercrime-as-a-service. Stewart has warned that if al-Qaeda or ISIS were able to purchase cyberattack capabilities or even services from such a group, then swathes of critical infrastructure could be at risk. Russia and China have such capabilities, but play the balance between impact and implications—causing damage but stopping short of prompting devastating repercussions. Terror groups have no such constraints and often operate at the margins of their capabilities.

 

Stewart singled out power grids as a particular danger, and one can only imagine the war-gaming and theorizing around such an attack within Cyber Command during his tenure. “Losing power for an extended period of time,” he warned, “is not just about inconvenience,” with hospitals and cold supply chains at particular risk. We have seen attacks on power companies and assets from both East and West. It has become something of a frontline.
