Monitoring threat actors


A concerted effort to understand your adversary improves your cybersecurity posture

The underground cyber-criminal economy is a mature and complex ecosystem with threat actors constantly adapting and innovating their strategies in order to profit. The market for cybercrime-enabling tools, services and jobs continues to expand and is increasingly accessible. This has significantly reduced the barrier of entry for individuals with lesser technical skills and those who are willing to assist in the execution of cyber-attacks, thus creating revenue-generating opportunities for the many players involved.

Underground marketplaces provide an array of offerings, including hosted attack infrastructure, malware and exploits, and various types of cyberattacks, as a service. Highly capable malware developers demand a premium for their wares, followed by resource and infrastructure-intensive offerings, such as dedicated fast flux bulletproof hosting and sophisticated proxy services, which enable broader cyber-attack campaigns.

Additionally, these marketplaces encompass a flourishing job market, with recruiters and job seekers offering functions that span a range of skillsets and pay. Higher risk jobs and those requiring advanced skillsets demand a higher pay, while unskilled jobs pay less. Examples of jobs on the unskilled end of the spectrum include CAPTCHA solvers and local advertising for cybercrime group channels on secure instant messaging services such as Telegram. On the other end of the spectrum, insiders at major financial institutions who can aid in planting malware on banking systems, stealing sensitive financial data, or committing and covering up fraudulent acts, demand a hefty sum for their services…Click here to read full article.