Tuesday, May 24, 2016

Guidelines to understand and counterattack the cybercrime economy

In the last years the cybercrime has passed from the "little mafia" format to become in a real industry, many times with the same structures and problems as in an international corporation. A HP Enterprise research dissect these cybercriminal organizations and invite to companies to use the knowledge of how work these organizations to put problems on their organizational structures, to end the attack risks and contribute to finish with the cybercrime problem. 

"Cybercriminals are highly professional, have robust funding, and are working together to launch concentrated attacks" has ensured Chris Chriastiansesn, Program Vice President, Security Products and Services of IDC. Indeed, the cybercriminal organizations have the same elements and working than a normal company and those are the clearest cases:

- Human Resources management: includes recruiting, vetting and paying the supporting 'staff' needed to deliver on specific attack requirements; the skills-based training and education of attackers also falls within this category. Recruit, check the work and pay the needed support if it would be necessary to do a specific attack. That includes the training and education of the attackers in the necessary skills for the attack.

- Operations: the "management team" that ensure the smooth flow of the information and fund throughout the attack life cycle; this group will actively seek to reduce cost and maximize ROI at every step.

- Technical development: the front-line 'workers providing the technical expertise required to perform any given attack, including research, vulnerability explotation, automation, and more.

- Marketing and sales: these teams ensure that the attack group's reputation in the underground marketplace is strong and the illicit products are both known and trusted among the target audience of potential buyers.

- Outbound logistics: this encompasses both the people and systems responsible for delivering purchased good to a buyer, be it large batches of stolen credit card data, medical records, intellectual property or otherwise.

With this knowledge, HP Enterprise encourage to companies to difficult the work of these criminal departments. For example: if a company encrypt properly their client data, although it would be attacked the criminals can't sell these data on the black market because they can't decrypt the data, limiting their financial rewards. Another example: if the companies protect the interactions between the data, apps and user they manage, they will mitigate even disrupt the attacks. HP Enterprise recommend also "learn from the adversaries" and use their new strategies and tools for the defense.


Post a Comment