If there’s one thing the last few years have shown us it’s that hackers have evolved into sophisticated, organized criminals, capable of orchestrating well-oiled, imaginative attacks.
They have adopted organizational shifts in how they carry out their work by implementing corporate best practices and established professional businesses to increase the efficiency of their malicious toils against enterprises and consumers.
They even now work within structured setups with their own HR departments to manage employment documents and recruitment processes akin to those used in legitimate business, designed to identify high-quality talent that fits their needs and weed out people with no genuine technical skills.
“The professionalization of cyber-criminals is a concerning trend,” Sian John, chief strategist EMEA at Symantec told Infosecurity. “Our research shows that advanced cybercrime groups now mirror legitimate organizations in the way they operate, with networks of partners, associates, resellers and vendors. Some groups even deploy call center operations to ensure maximum impact on their scamming efforts, and in some instances employees of the call center are oblivious to the fact they are working for criminal groups executing low-level campaigns like tech support scams.
“The business-like structure in which cybercrime groups are operating, allows them to carry out highly sophisticated attacks and target both consumers and enterprises of all sizes. It also provides better resources and greater efficiency. We’re increasingly seeing hackers work normal 9 to 5 business hours and even take weekends and holidays off just like the rest of us,” she added.
What’s also clear is the techniques cyber-criminals use in their labors have developed to become just as diverse and complex as the individuals who carry out the attacks, with crooks continually devising new ways to target their victims or even designing completely unique assaults for one specific target. This inevitably leaves companies struggling to keep pace – once they seem to have cracked it hackers simply find another, often more imaginative way to break through.
“Cyber-criminals have evolved the ‘distribution channel’ they use in their attacks,” said Luis Corrons, PandaLabs technical director at Panda Security. “Most malware 10 years ago was distributed through email, and although it is still being used nowadays, they are using new ways that didn’t exist 10 years ago – social networks are a great example of this. It is now very easy to find personal information about anyone online, and that is being used to send more sophisticated, targeted attacks.”
“Also the (in)famous exploit kits that are so popular now were not there in the past. Now they include more exploits and on top of that they use reputable websites to infect users via malicious ads, something that didn’t happen years ago,” he added.
Furthermore, hackers today also demonstrate the savvy nature to quickly shift their focus of attack to achieve the highest profit. Cybercrime used to be 99% about stealing credit card details for quick financial gain, but numerous recent breaches on hospitals and industrial control systems throughout the world are prime examples of cyber-criminals recognizing that the wealth of data these services store is now just as (or even more) valuable to them in the long-term than much of the information they can access from targeting the financial industry.
In fact, modern-day cyber-criminals have to be so skilled, knowledgeable and capable in what they do that there is a growing skills gap in the hacking market with criminal groups often struggling to find the high-level talent they need.
“It’s just as hard now for an organized criminal to recruit technical skills as it is for anyone’s business, and actually in some cases they have it harder,” James Chappell, founder and CTO at Digital Shadows told Infosecurity, arguing that criminal groups often face the challenge of promoting their services without exposing their illegality.
So, with cyber-criminals now such skilled, organized opponents, it’s clear that organizations, security professionals and vendors need to be just as forward-thinking as those who seek to breach our perimeters if they are to keep up with their evolving nature and ultimately keep our data safe.
If you are connected to the internet you are at risk of cyber-attack, said Chappell, and staying one step ahead of the opportunistic threat that hackers constantly pose is now very, very important.
“It’s about putting yourself in the shoes of the attacker and looking for the places that are your weakness. It’s also about looking for those things that happen by accident and understanding the threat by having an insight into what’s likely to happen to you when someone is targeting you maliciously.”
“If you know what’s going on around you, you can make better, smarter decisions about how to defend yourself and recognize the type of incident that can affect you and you can respond effectively,” he added.