
The Evolution of Cybercrime

July 18, 2019

Cybercrime has evolved from just small-time criminals (who are still active and profiting) to massive organizations with many hackers – becoming big business. Fayyaz Rajpari, our Executive Services Director, discusses this evolution with Ron Darnall, our senior director of threat intelligence, and Ken Dunham, our senior technical director, Cyber Operations, in our latest podcast, "Cyber criminals are a Fortune 10 company, what?!"

Here is just part of what you’ll hear about. Listen to our podcast Episode 2: Cyber criminals are a Fortune 10 Company for the full interview.

Question 1:

Fayyaz: So, if we look at the bigger picture of the victim landscape and really all the organizations are out there, you know, I think of this as two different networks, right? We've got the good guys and we obviously have the bad guys as well. If you look at both teams, is it a fair match? Do we have enough on both sides? What are your thoughts?

Ken: Well, when I grew up, the threat landscape was a lot different than what it is today. So, I think it's a great question on is it fair what's happening, has it increased? And part of what I'm thinking, from a perspective standpoint, is that the internet and that interconnectivity that came about in the mid-90's is really a game changer. Because now we're not dealing with localized threats, local criminals, the people that you would know in your small town, USA, or your small town in Europe or wherever you live. Now, it's anybody can attack anywhere at any time. For example, when Voice Over IP was being abused for phishing and it came up with the term called vishing, what was happening there is an individual in Romania was attacking using vishing techniques. Different places around the world every day. One time I saw him doing an attack against a place in Idaho, and the next day it was Canada, the next day it was Australia.

Then that's a game changer 'cause now we have a small-time criminal who can do a global-scaled attack and get away with it with complete anonymization.

Fayyaz: So, yeah and kinda going back to, what you just said, small-time criminal, right? I think of this as being larger as well, right? So, we're not just dealing with the... and I think that was a point in time where we were dealing with the small-time criminals, but at this point, I mean like you said, we are dealing with, you know, thousands and many times they have their own networks. Just like an organization does or any company has their own defending network, they've got their own opposing networks that are after something or someone. Would you agree, and can you comment?

Ken: Yeah, absolutely. And that's a very good point. I think some people are now aware of what is known as the Russian Business Network, or RBN, which is a group that we targeted in St. Petersburg and Moscow and others a long time ago and now it's a little bit more public knowledge. But, everybody talks about Russians generically, like the Russians are doing it or the Chinese because of their power and their maturity. But, the answer is that they were doing large-scale multimillion-dollar fraud attacks that were highly successful, especially against the banking industry at the turn of a century. Much longer and previously before everybody else had public knowledge of this, that's what was happening. Because it takes a while for things that are happening to eventually bubble to the surface for people to know and to believe and then to understand the full scope, not unlike say dwell time in an incident. And then all of a sudden, you realize holy cow! This has been going on for a long time.

So, the Russians have been doing this for a long time and they're very successful, as are a large number of other entities out there in the world because this is a place they can cash in and make money and they're very, very mature.

Ron: Yeah, and I think, Ken, in addition to that, you really need to dispel the myth that hackers are twelve-year-olds working out of their parents' basement, right? While that entity may still exist, they're not as organized, they're not as sophisticated as what you've just described.

Ken: That's actually a really good point. That reminds me of Jeffrey Lee Parson, who was arrested by the FBI. He was in his parents' basement, and he was arrested because he had hosted a threat related to, I think it was Blaster B or one of the variants thereof back in the year of the worm, 2003-2004 time frame. And the FBI really didn't actually think that it was him because it was registered in his name, hosted on his computer, and right there in their parents' basement. But he had just downloaded something off of a Chinese website, I believe it was, and hosted it, and ran it, and then ended up being the poster child for don't do bad things at home. But, you know, now what we have are very sophisticated threats. I've seen literally new Zero Day threats against entities being launched every single day or two that are new and different, each one of them. And that's a very sophisticated, expensive, complex infrastructure. Attacks that took hundreds of thousands of dollars to put into place from an infrastructure perspective, when they're highly focused and targeted against critical assets.

Don’t stop now. Listen to our full podcast.
 



By: Fayyaz Rajpari

Executive Services Director


By: Ken Dunham

Senior Director, Technical Cyber Threat Intelligence


By: Ron Darnall

Sr. Director of Cyber Operations Threat Analysis & Intelligence Team
