HP Releases Report on Dark Web, Cybercrime

<p><strong>PALO ALTO<&sol;strong> – HP Inc&period; has released <a href&equals;"https&colon;&sol;&sol;threatresearch&period;ext&period;hp&period;com&sol;evolution-of-cybercrime-report&sol;"><b>The Evolution of Cybercrime&colon; Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back – an HP Wolf Security Report<&sol;b><&sol;a>&period; The findings show cybercrime is being supercharged through &OpenCurlyDoubleQuote;plug and play” malware kits that make it easier than ever to launch attacks&period; Cyber syndicates are collaborating with amateur attackers to target businesses&comma; putting our online world at risk&period;<&sol;p>&NewLine;<p>The HP Wolf Security threat team worked with Forensic Pathways&comma; a leading group of global forensic professionals&comma; on a three-month dark web investigation&comma; scraping and analyzing over 35 million cybercriminal marketplaces and forum posts to understand how cybercriminals operate&comma; gain trust&comma; and build reputation&period;<&sol;p>&NewLine;<p>Key findings include&colon;<&sol;p>&NewLine;<ul>&NewLine;<li><b>Malware is cheap and readily available <&sol;b>– Over three quarters &lpar;76&percnt;&rpar; of malware advertisements listed&comma; and 91&percnt; of exploits &lpar;i&period;e&period; code that gives attackers control over systems by taking advantage of software bugs&rpar;&comma; retail for under &dollar;10 USD&period; The average cost of compromised Remote Desktop Protocol credentials is just &dollar;5 USD&period; Vendors are selling products in bundles&comma; with plug-and-play malware kits&comma; malware-as-a-service&comma; tutorials&comma; and mentoring services reducing the need for technical skills and experience to conduct complex&comma; targeted attacks – in fact&comma; just 2-3&percnt; of threat actors today are advanced coders<sup>1<&sol;sup>&period;<&sol;li>&NewLine;<li><b>The irony of &OpenCurlyQuote;honor amongst cyber-thieves’ <&sol;b>– Much like the legitimate online retail world&comma; trust and reputation are ironically essential parts of cybercriminal commerce&colon; 77&percnt; of cybercriminal marketplaces analyzed require a vendor bond – a license to sell – which can cost up to &dollar;3&comma;000&period; 85&percnt; of these use escrow payments&comma; and 92&percnt; have a third-party dispute resolution service&period; Every marketplace provides vendor feedback scores&period; Cybercriminals also try to stay a step ahead of law enforcement by transferring reputation between websites – as the average lifespan of a dark net Tor website is only 55 days&period;<i><&sol;i><&sol;li>&NewLine;<li><b>Popular software is giving cybercriminals a foot in the door<&sol;b> – Cybercriminals are focusing on finding gaps in software that will allow them to get a foothold and take control of systems by targeting known bugs and vulnerabilities in popular software&period; Examples include the Windows operating system&comma; Microsoft Office&comma; web content management systems&comma; and web and mail servers&period; Kits that exploit vulnerabilities in niche systems command the highest prices &lpar;typically ranging from &dollar;1&comma;000-&dollar;4&comma;000 USD&rpar;&period; Zero Days &lpar;vulnerabilities that are not yet publicly known&rpar; are retailing at 10s of thousands of dollars on dark web markets&period;<&sol;li>&NewLine;<&sol;ul>&NewLine;<p>&OpenCurlyDoubleQuote;Unfortunately&comma; it’s never been easier to be a cybercriminal&period; Complex attacks previously required serious skills&comma; knowledge and resource&period; Now the technology and training is available for the price of a gallons of gas&period; And whether it’s having your company ad customer data exposed&comma; deliveries delayed or even a hospital appointment cancelled&comma; the explosion in cybercrime affects us all&comma;” comments report author Alex Holland&comma; Senior Malware Analyst at HP Inc&period;<&sol;p>&NewLine;<p>&OpenCurlyDoubleQuote;At the heart of this is ransomware&comma; which has created a new cybercriminal ecosystem rewarding smaller players with a slice of the profits&period; This is creating a cybercrime factory line&comma; churning out attacks that can be very hard to defend against and putting the businesses we all rely on in the crosshairs&period;&comma;” Holland adds&period;<&sol;p>&NewLine;<p>HP consulted with a panel of experts from cybersecurity and academia – including ex-black hat hacker <a href&equals;"https&colon;&sol;&sol;www&period;hp&period;com&sol;us-en&sol;images&sol;MafiaBoy&lowbar;Biography&lowbar;tcm245&lowbar;2433189&lowbar;tcm245&lowbar;2430162&lowbar;tcm245-2433189&period;pdf" target&equals;"&lowbar;blank" rel&equals;"noopener">Michael &OpenCurlyQuote;Mafia Boy’ Calce<&sol;a> and authored criminologist&comma; <a href&equals;"https&colon;&sol;&sol;www&period;rsaconference&period;com&sol;experts&sol;michael-mcguire" target&equals;"&lowbar;blank" rel&equals;"noopener">Dr&period; Mike McGuire<&sol;a> – to understand how cybercrime has evolved and what businesses can do to better protect themselves against the threats of today and tomorrow&period; They warned that businesses should prepare for destructive data denial attacks&comma; increasingly targeted cyber campaigns&comma; and cybercriminals using emerging technologies like artificial intelligence to challenge organizations’ data integrity&period;<&sol;p>&NewLine;<p>To protect against current and future threats&comma; the report offers up the following advice for businesses&colon;<br &sol;>&NewLine;<b><br &sol;>&NewLine;Master the basics to reduce cybercriminals’ chances&colon; <&sol;b>Follow best practices&comma; such as multi-factor authentication and patch management&semi; reduce your attack surface from top attack vectors like email&comma; web browsing and file downloads&semi; and prioritize self-healing hardware to boost resilience&period;<br &sol;>&NewLine;<b><br &sol;>&NewLine;Focus on winning the game&colon;<&sol;b> plan for the worst&semi; limit risk posed by your people and partners by putting processes in place to vet supplier security and educate workforces on social engineering&semi; and be process-oriented and rehearse responses to attacks so you can identify problems&comma; make improvements and be better prepared&period;<br &sol;>&NewLine;<b><br &sol;>&NewLine;Cybercrime is a team sport&period; Cybersecurity must be too&colon;<&sol;b> talk to your peers to share threat information and intelligence in real-time&semi; use threat intelligence and be proactive in horizon scanning by monitoring open discussions on underground forums&semi; and work with third-party security services to uncover weak spots and critical risks that need addressing&period;<&sol;p>&NewLine;<p>&OpenCurlyDoubleQuote;We all need to do more to fight the growing cybercrime machine&comma;” says Dr&period; Ian Pratt&comma; Global Head of Security for Personal Systems at HP Inc&period; &OpenCurlyDoubleQuote;For individuals&comma; this means becoming cyber aware&period; Most attacks start with a click of a mouse&comma; so thinking before you click is always important&period; But giving yourself a safety net by buying technology that can mitigate and recover from the impact of bad clicks is even better&period;”<&sol;p>&NewLine;<p>&OpenCurlyDoubleQuote;For businesses&comma; it’s important to build resiliency and shut off as many common attack routes as possible&comma;” Pratt continues&period; &OpenCurlyDoubleQuote;For example&comma; cybercriminals study patches on release to reverse engineer the vulnerability being patched and can rapidly create exploits to use before organizations have patched&period; So&comma; speeding up patch management is important&period; Many of the most common categories of threat such as those delivered via email and the web can be fully neutralized through techniques such as threat containment and isolation&comma; greatly reducing an organization’s attack surface regardless of whether the vulnerabilities are patched or not&period;”<&sol;p>&NewLine;