Lucrative business: cybercrime-as-a-service
by Raj Samani - VP CTO at McAfee EMEA - Monday, 19 August 2013.
These cybercrime traders are brazenly promoting their illegal services on open platforms Ė in particular the legitimate websites of SMEs. Whether offering customers the opportunity to review products, comment on articles, or discuss and share their ideas, live forums are a common feature on many websites, but the problem is that they are largely unmonitored by small business owners.

As such, cybercriminals have sensed an opportunity and not only are they stealing sensitive data from SMEs that do not protect themselves effectively, they are also relying on unrestricted SME websites to advertise their illegal services.

And this goes beyond open forums, as many small business owners that operate market places or open ecommerce sites are unaware that these illegal services are being sold and traded directly from their legitimate website.

This solves the problem of customer awareness for cybercrime traders, as a quick Google search of the relevant illegal services will take them straight to a post on the small business website. However this is obviously bad news for small business owners. While they believe they are running an honest online business, unbeknownst to them, they are facilitating an underground side-operation from their own company.

Genuine potential customers will be unaware that these posts are not supported by the website owners themselves and, after stumbling across these illicit adverts, are likely to lose trust in the company and take their custom elsewhere.

Black market, big money

Not only can such schemes lose SMEs money, but while small business owners are struggling to deal with the costs of running a legitimate business, cybercriminals are making a lucrative trade off the back off them Ė and in many cases making more money than the SMEs themselves.

The whitepaper uncovered a number of well-paid deals, such as the sale of email addresses for whole regions for as much as £570, while crimeware-as-a-service tools can be rented out for $150 a day and credit card details with a good balance can be sold at £65 a card. But it is vulnerabilities that can rake in the real money for these underground tradesmen and an Apple iOS exploit was recently sold for over £160,000.

Gaining customer loyalty and competing with well-known trusted brands when running a business online is a challenge in itself for small business owners, so it is essential that they donít get a reputation as a cybercrime facilitator. As such, it is important for small business owners to invest in the right level of protection so that it is not their own customersí details that are traded online. Moreover SMEs need to make a habit of regularly checking their open forums and comment sections for these dodgy deals.

Cybercrime businesses feed off the vulnerability of others, so creating an atmosphere of alertness and security in the workplace will help to defeat them and their criminal-minded customers.

Spotlight

Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 2nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //