Black and gray markets for computer
hacking1 tools, services and byproducts such as stolen credit card numbers continue to expand, creating an increasing threat to businesses, governments and individuals, according to a new RAND Corporation study. One dramatic example is the December 2013
breach2 of
retail3 giant Target, in which data from approximately 40 million credit cards and 70 million user accounts was
hijacked4. Within days, that data appeared -- available for purchase -- on black market websites.
"Hacking used to be an activity that was mainly carried out by individuals working alone, but over the last 15 years the world of hacking has become more organized and reliable," said Lillian Ablon, lead author of the study and an information systems
analyst5 at RAND, a nonprofit research organization. "In certain respects, cybercrime can be more
lucrative6(赚钱的) and easier to carry out than the illegal drug trade."
The growth in cybercrime has been assisted by sophisticated and
specialized7 markets that freely deal in the tools and the spoils of cybercrime. These include items such as exploit
kits8 (software tools that can help create, distribute, and manage attacks on systems), botnets (a group of compromised computers remotely controlled by a central authority that can be used to send spam or flood websites), as-a-service models (hacking for hire) and the fruits of cybercrime, including stolen credit card numbers and compromised hosts.
In the wake of several highly-publicized arrests and an increase in the ability of law enforcement to take down some markets, access to many of these black markets has become more restricted, with cybercriminals
vetting9 potential partners before offering access to the upper levels. That said, once in, there is very low barrier to entry to participate and profit, according to the report.
RAND researchers conducted more than two dozen interviews with cybersecurity and related experts, including academics, security researchers, news reporters, security
vendors10 and law enforcement officials. The study outlines the characteristics of the cybercrime black markets, with additional consideration given to botnets and their role in the black market, and "zero-day" vulnerabilities (software
bugs11 that are unknown to vendors and without a software patch). Researchers also examine various
projections12 and predictions for how the black market may evolve.
What makes these black markets notable is their resilience and sophistication, Ablon said. Even as consumers and businesses have
fortified13 their activities in reaction to security threats, cybercriminals have adapted. An increase in law enforcement arrests has resulted in
hackers14 going after bigger targets. More and more crimes have a digital
component15.
The RAND study says there will be more activity in "darknets," more checking and vetting of participants, more use of crypto-currencies such as Bitcoin, greater
anonymity16 capabilities17 in malware, and more attention to encrypting and protecting communications and transactions. Helped by such markets, the ability to attack will likely outpace the ability to defend.
Hyper-connectivity will create more points of presence for attack and exploitation so that crime increasingly will have a networked or cyber component, creating a wider range of opportunities for black markets. Exploitations of social networks and mobile devices will continue to grow. There will be more hacking-for-hire, as-a-service offerings and cybercrime
brokers18.
However, experts disagree on who will be the most
affected19 by the growth of the black market, what products will be on the rise and which types of attacks will be more prevalent, Ablon said.