Home | Support | Contact Us | Site Map | Employment

Sklar Technologies

Resource Library Email Newsletter

A Shadow Economy


It didn't happen overnight. According to a Q2 2008 Web Security Trends Report by Finjan, a San Jose, Calif.-based security company specializing in Web gateway security solutions, these cyber crime organizations—some claiming hundreds of members, others up to tens of thousands of members—have all emerged over the past two years to create a viable shadow economy, designed to mimic real-world economies financially and structurally.

 

"It's a contemporary economy mediated by Internet workings. It just happens to be illegal," Cassidy said.

 

Just like a Mafia family, they're organized into strict hierarchies. They're headed by a criminal boss, who is seconded by an under boss, providing Trojans for attacks while acting as the command and control center of the operation. Spearheading the malware attacks against businesses and individuals are the campaign managers, who direct their drones in affiliation networks further down the chain of command to actively steal the data from users' computers.

Meanwhile, hacking tools aren't just relegated to the cyberelite. Affiliate and smaller hacker organizations can also propagate a malicious campaign by renting software and programs, ranging from botnets, to rootkits and phishing toolkits, in order to steal users' data.

"People take over somebody's computer, and then the computer is being controlled by someone in Mexico or Russia," said Unisys (NYSE:UIS)' Newmeyer. "The advantage in the cyber criminal world is that you don't have to go into a bank to rob."

The stolen data—generally users' credit cards and social security numbers—is often sold by cyber resellers, who specialize solely in buying and selling the stolen data.

"This is definitely an area of growing concern," said Dave Marcus, security research and communications manager for McAfee. "Instead of accessing and stealing information, they'll sell account information for a premium."

Marcus said that the resellers typically post the stolen information onto Web sites, then it is offered for sale to hackers based on brand, location and additional value-added features. Marcus said that one Web site discovered by McAfee Avert Labs offered stolen bank accounts for sale with significantly higher prices from U.S. financial institutions such as Citibank and Bank of America than for smaller credit unions and more obscure foreign banks. Criminals who want to use the information can then contact the resellers to negotiate a price.

"If you're trying to get inside and trying to get the information, you've got to know the secret handshake," Newmeyer said. "If you don't have the right responses, they'll identify you as a cop."

Driven by the laws of supply and demand, the price of an average identity has dropped in recent years from $100 to somewhere between $10 and $20 apiece, with the commoditization of data such as credit card and bank account numbers with pins.

However, other information is deemed more valuable. Experts say that prime real estate for cyber criminals surrounding health-related data, internal corporate notes and Outlook and FTP accounts that can provide access to intellectual property go for much higher prices on the black market. As a result, attackers will increasingly be targeting health and government organizations, as well as corporate intellectual property, security experts say.


By Stefanie Hoffman