'Hackers for Hire'- Major Police Effort To Fight Criminal Gangs.

Uploaded on 2015-10-07 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

A “small number” of hackers offer  "cybercrime as a service” creating a market a for criminal gangs to bid for targets to be attacked.

A major international effort is needed to defeat cybercrime and disrupt the criminal gangs who are using “hackers for hire” to hit sensitive financial and government targets, the UK’s anti-cybercrime boss has warned.

Andy Archibald, the head of the UK’s National Cyber Crime Unit (NCCU), said that a “small number” of hackers were offering “cybercrime as a service”, and had created a marketplace where gangs could bid for targets to be attacked.
His warning comes after it emerged that Chinese hackers are suspected of carrying out a “massive breach” on the 5th June of the personal data of nearly 4 million US government workers. This is amid suggestions it was one of the largest known thefts of US government records.

Mr Archibald called for the NCCU to work with more international police forces and the private sector to prevent cybercrime and to track down those responsible, adding it was impossible to “arrest your way out of cybercrime”.
Mr Archibald said that the majority of sophisticated cyber attacks were financially motivated and “principally against” the financial services sector. Last night security experts speculated that the US records had been targeted to allow suspected Chinese hackers to build a vast database of federal employees in what could be preparation for future attacks against the US. China has called the allegations “counter-productive” and irresponsible.

Speaking recently alongside Mr Archibald, the information security expert Professor Alan Woodward suggested as few as 100 or 200 cyber criminals might be responsible for the majority of advanced cybercrime.

Mr Archibald said he could “not put a number on the size of the threat”, but agreed that a small number of hackers were writing damaging software for sale to gangs of criminals and said there was a “viable route” to “take them out”.

He said: “The point I’d make is that the approach for dealing with cybercrime has to be quite sophisticated. Traditional crime happens inside your state’s jurisdiction. That’s no longer the case, and we need to work collectively to meet this new threat, and that includes working closely with the private sector. We need an international response.”

The NCCU already has strong links with the FBI and Europol, and Mr Archibald is quick to point to the success of a co-ordinated day of action in March against cyber criminals, aided by forensic information provided by the FBI. On the day, 56 suspects UK-wide were arrested on suspicion of offences ranging from network intrusion and data theft to cyber-enabled fraud and denial of service attacks on multinational companies and government agency websites.

Elsewhere, though, the NCCU faced criticism for quietly forging relationships with its counterparts in China, despite private firms reporting high levels of state-sponsored cyber espionage originating from the country.

Independent:

 

« DARPA - Tech to Protect the Internet of Things
Six Emerging CyberSecurity Risks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IASME Consortium

IASME Consortium

IASME is one of five companies appointed as Accreditation Bodies for assessing and certifying against the UK Government's Cyber Essentials Scheme.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

Information Security Research Group - University of South Wales

Information Security Research Group - University of South Wales

The Information Security Research Group has an international reputation in the areas of network security, computer forensics and threat analysis.

TechDefence Labs

TechDefence Labs

TechDefence Labs provide pentesting and security assessment services for networks, web apps, mobile apps and source code reviews.

ESTsecurity

ESTsecurity

ESTsecurity provides intelligent security threat management solutions to make a safer world.

SecureMetric Technology

SecureMetric Technology

SecureMetric is one of SE Asia’s leading players in the field of digital security with a focus on Software Licensing Protection, 2-Factor Authentication, Advanced Identity and Access Management, Publi

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

KOS-CERT

KOS-CERT

KOS-CERT is the national Computer Incident Response Team for Kosovo.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

IT Jobs Watch

IT Jobs Watch

IT Jobs Watch provides a concise and accurate map of the prevailing IT job market conditions in the UK.

TAV Technologies

TAV Technologies

TAV Technologies is a provider of technology services to the aviation industry in areas including airport infrastructure systems, digital transformation and cybersecurity.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.

Star Lab

Star Lab

Star Lab specializes in the development and productization of embedded security technologies.