Subscribe

Cybercrime-as-a-service

Black Friday had specials on malware for beginners. You can't make this stuff up!


Johannesburg, 16 Jan 2018

Cyber crime is becoming commercialised to such an extent that on Black Friday, you could buy hacking tools at a discounted price. With a payoff line of 'Hack your holidays', Hakshop.com offered up to 60% discount on an assortment of items including manuals on how to initiate various hack attacks.

The commercialisation of hacking and the associated products is a growing industry, which says everything about demand for this type of technology. Not only is it becoming increasingly affordable, it's also constantly innovating and becoming simpler to implement yet more sophisticated in its attacks. Some sites even allow users to trial the technology before they rent or buy it.

Today, anyone can become a hacker, says Ryan Roseveare, MD of BUI. "Previously, a person had to have some degree of IT skill to be a hacker. Today, you go online, buy or rent the necessary tools and with the help of a Google search and a couple of YouTube videos, you're a hacker. You can even use Bitcoin to make your purchases."

However it must be noted that although the barriers to entry have become significantly less, and technology and Google have made it a great deal easier to get into hacking, becoming a good hacker still requires a tremendous amount of effort, skill and time.

Things like malware-as-a-service, ransomware-as-a-service, distributed denial of service-as-a-service and phishing-as-a-service are becoming commonplace items that can be purchased or rented online. Technology that steals passwords is just a couple of clicks away for a wannabe hacker, says Roseveare. "Not only are they available, they're updated regularly and supported. There's an entire ecosystem built around these products, much as you'd see around conventional software that you'd run on your laptop."

The fact that cyber crime is becoming a recognised business should be a big red flag to businesses who have, until now, thought it would never happen to them, says Roseveare. "Even a novice hacker could cause great harm to your business using these ubiquitous tools and technologies. And the threat is ever growing as an increasing number of people are trained by these sites on how to launch cyber attacks on business."

Tips for business

Roseveare says businesses should follow a few basic security practices to protect themselves against any type of cyber attack:

* Continually apply patches and security updates to software.
* Implement policies around passwords - allow only strong passwords and change them regularly.
* Always be testing your security - penetration testing your environment is a must.
* Educate and train employees around cyber security.

Follow good backup practice such as:
* Use common sense.
* Implement multi factor authentication for your privileged accounts.
* Utilise the power of the cloud to enhance your security posture.

Share