I am not exaggerating when I say that cyber criminals are lurking out there and actively hunting out their next victims, It’s hard to tell the good guys from the bad guys in the nameless (and I don’t consider Bob2568 to be a proper name), faceless (an avatar is not a face) world of cyber-space. We have touched on what motivates hackers but it often helps to understand the world of cyber criminals a little more in order to protect ourselves from them.
Cyber criminals – The New Mob
Cyber criminals have a large network of technology partners and like-minded individuals. Some have evolved beyond the stereotypical back room boffin to become a true entrepreneur – they will have contracted people to develop software, “managers” to keep a track of their business and ensure that resources are being optimally utilised. These hackers are savvy business people who leverage the labour of others for profit. Perhaps this is the new version of mob gangland?
Similar to the mob of old, cyber criminals can tap into their networks and have hired guns in the form of geek hackers, or even simply purchase pre-made web and e-mail based attack kits. It’s not necessarily the geeky guy sitting behind the computer screen that you need to be wary of, it could be the well-dressed businessman or casually dressed smooth talker. Reviewing the information on the recent 45 million dollar hack, it appears that the syndicate had a very well thought out and almost coporate-esque structure. The capture of some of the members and the murder of the cyber-crime boss (in what appears to be typical gangland style in a café with a few of his cohorts by a rival syndicate), there will be a few vacancies in the cyber-criminal league.
Hackers R Us Inc.
If you were to recruit new members, I wonder if the adverts would look anything like this?: Due to an unexpected organisational restructure, a number of key vacancies have been created in Hackers R Us Inc. –
“King Pin” – we are seeking a new chief executive to head up our global operations. Entrepreneurial flair and a solid track record of motivating your people to deliver profits is a must. Evading capture by the police and previous experience with technology would be advantageous. Competitive salary package including internet connection, laptop, mobile telephone, and automatic weapons of your choice. Personal protective equipment (e.g. bullet proof vest) is negotiable.
“Middle Managers” – these roles are responsible for the administration and day to day operational aspects of the business. You will need to be resilient and have a firm no-nonsense approach with your stakeholders. You will have ample opportunity to exercise your negotiation skills in this role. In return, you will be offered a competitive salary package and benefits including access to the in-house accountant and legal counsel on an on demand basis.
“Malware-kit writers” and “Bot Herders” – you will be code plug-and-play malware kits that are easily implemented by those with much lower IQs than your own. Moral flexibility is needed as you will be facilitating the theft of money from people like your grandparents. For Bot Herders in particular, megalomaniac tendencies are preferred as you will grow your bot herds to do your bidding at a single key stroke. Work from home and be paid on a piece-work basis.
“Flaw finders” – if you fancy yourself as the human equivalent of a heat seeking missile for vulnerable sites or if you have a natural ability to exploit potential weaknesses in systems then this is the role for you. Demonstrated experience with e-commerce, banking or related sites is preferred as your role will be to identify potential targets to source information, money or products. Remuneration is commensurate with experience.
“Card Cloners” – do you see yourself as the cyber equivalent of an art forger? You will be an expert in transforming existing credit card information into fictional credit cards that can be used at ATMs or card terminals. Your earning potential is only capped by your talent.
“Cashers” – these front line roles require individuals who enjoy hands on operation support. It will be your responsibility to take the credit cards created by your Card Cloner colleagues and make withdrawals from ATMs. Previous experience is not necessary however, an ability to blend in, use other peoples’ identities and remain calm under pressure is a pre-requisite.
“Money Mules” – are you looking for an opportunity to utilise your acting skills? Do you have a high level of numerical literacy and a knowledge of the banking industry? If so, this hands on operational role may be exactly what you are looking for. One of your main duties will be to open bank accounts and move the organisation’s funds around the world to designated bank accounts.
As you can see, by isolating and extracting the moral factor, the organised cyber-criminal is very much like you and I – a business owner using their skills and the skills of their team to make a profit. But, we can not and should not disaggregate the moral component here. This is still criminal activity and the profits are made off the backs of honest, hard-working folk like you and I.
Small to medium businesses are ideal targets for Hackers R Us Inc. and cyber criminals because they tend to have much few security protection and protocols in place than larger businesses and they have more computers, data and money to steal than individuals. It has been our experience that small to medium businesses have a false sense of security after all, it is a challenge to get customers to your website so how could you a possibly be a target for a cyber crime ring based in a far flung corner of the world? And, if it was an operation run solely by humans, you’d be right. However, the Flaw Finders, the Bot Herders and their colleagues have automated their hacking schemes so that any business is a potential target and any vulnerability can be exploited. It’s not personal, it’s just cyber crime.
Criminals have adapted to the brave new world of cyberspace, you need to adapt to survive too. Binary Limited can work with you to identify your areas of vulnerability and design appropriate protection for your system and priceless data.