Tuesday, December 10, 2013

At the cybersecurity market

At the cybersecurity market

“A market is never saturated with a good product, but it is very quickly saturated with a bad one” (American industrialist, Henry Ford). Thus, in the black market of malware, we would say that a product is good if is highly effective, flexible, hardly detectable, and so on.

Walking among the stands of this market, you can find some trojans, malware kits, ransomware, and even zero-day vulnerabilities. In fact, the kilo and a half of this type of product is usually sold at prices ranging between $ 40,000 and $ 160,000. Sometimes, it could even reach one million dollars, according to a study by NSS Labs security consultancy.

In this black market, there are also some items that are sold in bulk. We are speaking about bots, which can be used to perpetrate DDoS attacks such as the one that shut down the Royal Bank of Scotland (RBS)’s website leaving their customers with no service for at least an hour last week.

Cyber ​​attacks like these are the "new normal" for banks, in the words of Bill Stewart, vice president of technology consulting firm Booz Allen Hamilton. However, the Cybersecurity Framework to propose the National Institute of Standards and Technology in February in the U.S. could provide banks a more standardized way of measuring these threats and assess their current security measures.

One product that you can hardly find on the black market is an intermediate SSL certificate issued by a certification authority (CA). With such certificate, a fraudulent website could supplant a legitimate one without being detected by browsers. That's exactly what happened in France, where Google found out that the National Agency of Information Systems Security (ANSSI) has made unauthorized use of illegitimate certificates for several of its domains.

In Spain, troyans seem to be the best seller from the cyber black market. At least, they are the most widespread threat among our computers (11.3%), as stated by the fifteenth Microsoft Security Intelligence Report.

Meanwhile, in the U.S. and the UK, they fear that some sellers and buyers of illegal products or even terrorist organizations moved to do business and exchange of information to online games such as World of Warcraft or Second Life. Therefore, according to the documents leaked by Snowden, some spies may hide behind 3D avatars trying to locate suspicious activities and recruiting trolls, elves or super models as informers.

In light of this news, would you say that the black market of malware is saturated?


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)


Post a Comment