Making things happen, with energy and passion!
Are you thinking about starting a career in cybercrime? Are you tech-savvy, do you know how to code and do you have no moral objections to criminal activities? Are you wondering: what are the most profitable and low-risk models for cybercrime? Then keep reading, this article lists some options for you.
For most people cybercrime is about irritating people, disturbing your government, frustrating commercial companies or getting the everlasting fame of your fellow hackers. But let’s face it, we are in this for the money. So be rational about cybercrime. We need to create something that is: scalable, anonymous, very profitable, low-risk, sustainable and hard to copy. In other words: we need a real business model. During the past years, large organizations around cybercrime have emerged and you will be surprised how professional they are.
Still interested?
Here are some ideas to get started in cybercrime? Like every industry, the cybercrime industry is evolving from an artisan model with highly gifted craftsmen towards a model with extreme specialization. This shift is the foundation for emerging organizations and management teams specifically focused on executing cybercrime activities. Management teams with a vision and a mission just like any management team of a large organization. So you can be in this industry with a highly specialized role supporting a large organization.
So here are some models you can use to leverage your cybercrime organization
Old fashioned methods
- Hacking and stealing
This method is the foundation of all cybercrime. However, it is high risk and not very scalable. You try to breach a system and steal the data. Look for usernames, passwords and financial information like credit cards and PayPal accounts. The assumption in this approach is that many people have the same username and password for everything. When you steal their account information from a social network , you are able to use the same credentials to log in to their Gmail. From there you reset their online banking or PayPal password and transfer their funds.
There is one issue with this model. Eventually, you have to transfer the money to your personal account without leaving a trace. You need specific money transfer services for this to stay untraceable.
- Blackmail / ransom
This is similar to hacking and stealing, however, the goal is to steal incriminating information from people’s personal accounts. Everyone has information somewhere online they would not like to be shared with the rest of world. Another method is to block access to personal information by encrypting their data. In both cases, you use your leverage for blackmail. The target pays money to prevent incriminating information to be released or just to decrypt their machines. The issue with this model is similar to the first one: the money has to travel to your account without a trace.
- Hijacking the physical world
A more elegant way of cybercrime is to influence digital processes to alter the physical world. For instance: change delivery addresses on online orders. Acquire or generate discount vouchers for real life purchases. Like the UK-based security specialist who was able to generate an endless number of discount codes for Domino’s Pizza. So acquiring the stolen goods is legitimate. The only traceable part is the alteration of the process. This is more ingenious but less scalable since massive usage of this method will be noticed. And in the end, you are fed up with pizza.
“We conclude that traditional cybercrime models are too risky and not scalable”.
Below I list some models that make you less vulnerable and support easier payment methods.
Cybercrime developer
As a cybercrime entrepreneur, you could just be the developer behind the scenes. You know what is needed to develop the malicious code, infect as many nodes as possible or to crack a list of hashed passwords. This is a safer place to be since you will be paid for your service as a developer, just like a regular software engineering job. You can work as an engineer on the specific code; or even better, be a team member developing a cybercrime software suite. There are several hired developers developing, maintaining and supporting the Angler exploit pack. A safe place to develop, and you can deny that you know what the users are doing with your software. Since you are probably seen as just a regular employee.
Cybercrime marketing
Showcasing products and services is becoming ever so important in the world of cybercrime. We need to be able to advertise your services to our (criminal) consumers. This means you can work as a marketer for a cybercrime organization and help to spread the word around your product. Not only designing good websites; you need to leverage the social media to promote your products and share the successes your customers have in their criminal activities.
The same goes for copywriters. Writing down real customer cases, clear descriptions of the benefit of your services and the return on investment. This is work for professional copywriters. They need to touch your potential customers in their heart and make them fall in love with your product. The advantage is that you get paid as a normal marketing professional and hardly any criminal activity can be traced back to you.
Web designers and copywriters
The world of phishing is in need of good web designers being able to mimic real websites and real communications. The modern victims are becoming smarter and are not fooled anymore by an email with sloppy spelling and a badly designed website. We need high-quality dummy sites and flawless phishing e-mails. To do this, cyber criminals employ highly skilled communication professionals. You will get paid just like a normal web designer, copywriter or communication expert and there will be hardly any criminal trace back to your work.
Distributors / Infector
New generations of viruses work in two phases. The first phase is to infect as many systems as possible and stay dormant. These infections are empty shells and form no threat at all to the infected system. Distributors are able to sell infected nodes to cyber criminals who add a malicious payload into the empty shells. This way they can turn a large number of dormant systems to active botnet nodes in a matter of seconds.
By acting as a distributor you are one step further away from the action. The initial infection could be traced back to you. But the focus of the cyber forensic research will be on the payload. You can prepare a large number of nodes and act as a reseller of infected machines.
System administrator
More back to basics. Cyber criminals also need system administrators, since cybercrime software is – similar to all other software – in need of maintenance. A good system administrator has to manage all the components. As a system administrator you are responsible for high available and very scalable software systems. And do not forget that cybercriminals are often being targeted by their peers. So security is extra important. Make sure connectivity is guaranteed and the stolen information needs to be secured. Backup and recovery measures are very important. Sounds almost like a regular system administrators job. And I can imagine some system administrators are working on these systems without even knowing their real purpose.
Hijacking as a service or infection as a service
If you are good, you can sell your services as a freelance cybercriminal. You get paid per job and deliver the goods to your client. You usually get some inside information on how to gain access to the target systems. There are some known cases where large companies are hiring a freelance cybercriminal to disable or cripple the systems of their competitors. Disruption of service of your competition can often lead to reputation damage on their side and a competitive advantage for your client. Most hackers offer a no-cure-no-pay guarantee on a minimum number of infected systems or even a minimum number of ‘outage hours’.
Most jobs are probably easy to execute. The chance of detection is high, since you are executing the activities yourself. Payment can be disguised as normal consulting fees and make it hard to trace. They can even hire you as a cybercrime prevention specialist.
Selling licenses, support, and updates
The past years, we saw a rise of professional exploit kits. These kits are becoming highly sophisticated. Not only scanning systems on vulnerabilities and guiding you through the attack. They also offer neat dashboards with KPI’s like number of infected systems and average revenue per hack. Companies providing these are not only selling this software, they also offer support licenses. These licenses entitle you on support from a real helpdesk (if your attack does not work) and updates whenever new vulnerabilities are being discovered. By operating in this method you make cybercrime more scalable without putting yourself in the first line. And payments are similar to payments for regular software licenses. Since you are just a “regular software company”.
Facilitating activities
Next to direct activities you can also opt for facilitating activities supporting cybercriminals in their primary process. Below are 3 forms of facilitating services you can offer.
- Money transfers and laundry services
As stated above. One of the most difficult activities is making sure your money transfers are not being traced. And getting your virtual criminal payments back to the regular monetary system. Setting this up correctly can bring a lot of revenue in the secondary support market.
- Cybercrime rating and quality evaluation
Of course, our customers want to know the quality of our services. This means you can earn a decent living by starting a cybercrime rating service or even a code evaluation service. Evaluating other people’s work as an indecent assessor of the products and attacks. Especially code evaluation can add a lot of value to the industry and make a clear distinction between a large number of suppliers.
- Impact prediction
Analysis and big data for cyber criminals. The most elusive dashboards for maximum impact of cyber-crime attacks. In 2014 these services already advised shifting attackers attention from the financial industry to the medical and logistics industry. Since financial firms would heavily invest in cybercrime prevention. The logistics industry was not that advanced and had not been targeted yet. So an easy victim. As a cybercriminal, you can specialize in creating these kinds of advisory reports and be a strategic management consulting firm for the cybercrime industry.
Robbing your neighbors
And finally, it is very profitable to rob your fellow cyber criminals. There are several reported cases of dark net escrow services suddenly losing their money. In most cases, this is a clear “exit scam”. Some of them report being the victim of cybercrime themselves. It is often unclear what really happened. The issue here is that your crime is probably not going to be reported to the official authorities; however, most of your victims have “other ways” to revenge your crime. So make sure you take enough money to hide for a long time.
In summary
So there is a lot to choose from in this industry. Writing this article made me realize this industry is very mature and probably more advanced than the average software consulting company. This industry has matured tremendously in the past years and has a firm structure and high demands. An industry with vacancies. HR departments and regular compensation plans and bonuses.
In fact, the industry has become so regular that research has proven that IT security professionals make more money compared to cyber criminals. Figure that!
Robbrecht van Amerongen is Business Innovation Manager at AMIS.
0 comments:
Post a Comment