NEXT GENERATION OF CYBER CRIME
Cybercrime and cybercriminals have been around since businesses first began using the Internet for commerce. The rise of criminal-to-criminal activity distinguished the fourth generation of cybercriminals. A robust and efficient underground economy emerged, providing the opportunity for cybercriminals to buy and sell goods and services to each other. Distinct, specialized cybercrime businesses came into prominence, including Exploit Auction Houses, Malware Distribution Services, Botnet Rentals, Next Generation Identity Sellers, Licensed Malware, and Social Networks for Cybercriminals. The current batch of successful cybercriminals is more entrepreneurial than past generations, fueling the growing cybercrime economy with cash. As a result, attacks continue to grow in sophistication, chain and frequency.
Pay-Per-Install (PPI) malware distribution schemes have been a key area of growth. PPI sites are now taking steps to improve the productivity of their affiliates. Some sites offer help developing content for affiliate scams. Many provide guidance or tutorials on how to make their malware less detectable by antivirus software, or “FUD” (Fully Un-Detectable). Even live support is available for affiliates of certain PPI sites.
Threats in the current generation are increasingly automated, allowing cybercriminals to be more productive in less time. Cybercriminals take advantage of malware tools and scripting techniques to automate various stages of their schemes. Less skilled hackers can purchase tools to easily identify vulnerable targets, compromise systems and steal data. More sophisticated cybercriminals may buy tools or develop custom tools and scripts on their own. In some cases, integration across multiple tool sets that perform distinct functions has been observed in larger cybercrime schemes.
APT: Advanced Persistent Threats
The term Advanced Persistent Threat, or APT for short, became prominent as a name for targeted attacks on specific organizations by determined, well-coordinated cybercriminals. In the cybersecurity community, APT most often refers to sophisticated attacks aimed at governments and corporations to gather intelligence or achieve specific nonfinancial objectives. APTs are frequently attributed to nation-states or agents of nation-states. On some occasions, APTs have been linked to terrorist and fringe political groups.
APTs are not unique to the current generation of cybercriminals. These kinds of threats have been active for years, executing operations such as “Titan Rain” to gather intelligence. However, the skill and sophistication of APTs have evolved along with cybercrime.