A Quick Tour in the Web Black Market

Uploaded on 2015-06-24 in NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

rand-cyber-black-market.jpg

Black Markets are places on the web where it is possible to acquire or rent “malicious” services and products, these markets are growing fast and are becoming very popular in the criminal underground. Among the most commercialized products offered in the black markets there is user’s personal information, but which its value for cyber criminals.
 
Once selected the various types of personal information, the application shows potential markets where a data could be sold and related price.

A report published by the RAND corporation titled “Market for Cybercrime Tools and Stolen Data” provided useful information for product and services available in the principal underground markets. This Report was created by researching the markets and interviewing experts in IT security industry and in the following table the principal goods and services exchanged on the black market are listed.

What is important to note is that in recent years the market’s access has grown thanks to the fact that many people, even if they are not technically skilled, can buy services or goods already made to initiate their activities as “lamier”. The report also notes that:
“Markets tend to make activities more efficient, whether such activities are laudable or criminal  (or, at least, subterranean). The world of hacking can be seen as a market: Buyers seek the best price; sellers ply their wares or skills to make the most profit. This scenario is subject to typical market forces, with prices rising when demand is high and falling when it is low. Over time, good products squeeze out bad ones, and high-quality brands can command premium prices. Mergers and acquisitions occur, and deals get made between market participants who know and trust each other. ”

In the last 10 years the market has started to be organized and guided by the exchange of products and services between groups and individuals (diagram above).

The RAND report reveals that the money is closer to those who have technical ability, like a zero-day researcher, or malware writers. These individuals write or analyze malicious code sell exploits to trigger newly discovered vulnerabilities in principal software.
The report goes on to explain the various channels through which the products and services are commercialized.

The most important requirement for both buyer and sellers is the anonymity of the channel used for the transaction, for this reason black markets based on anonymizing networks (i.e. Tor, I2P) and using virtual currencies like Bitcoin to anonymize payments.

Some of the most important malicious effects of the black market over the last few years as indicated in the RAND’s report is where data from as many as 40 million credit cards and 70 million user accounts were hijacked, such data appeared within days on black-market sites. Other examples of attacks and their links to underground markets include: recent increases in the use of watering-hole attacks (where users visit popular, legitimate, but compromised websites) when clicked they infect a victim’s computer. 

Perhaps the hacker’s market is not “more profitable than the illegal drug trade”, as the RAND report suggests, but it is a big commercial opportunity for a large amount of people.  Anyone who has a computer can enter the market and start a business. The channels are pretty much secure and even if you do not look like a new Al Capone, if you want, you could be a “dark trader” of stolen credit card or a good broker of new zero-day vulnerabilities.
Security Affairs: http://bit.ly/1JD1NC4

« WhiteHat Security: Majority of Websites Are Vulnerable to Data Thieves
US spied on French presidents »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

IT GRC Forum

IT GRC Forum

The IT GRC Forum is an online resource and networking platform for the Governance, Risk Management, and Compliance (GRC) community

Micron Technology

Micron Technology

Micron is a global leader in the semiconductor industry providing memory and secure storage devices for Networks, Mobile devices and IoT applications.

DeviceLock

DeviceLock

DeviceLock is a leading provider of endpoint device/port control and data leak prevention software.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

Cognni

Cognni

Cognni (formerly Shieldox) will make your InfoSec think like a human, right out of the box, so you can focus on the bigger picture, keeping the information flow safe.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

ICT Reverse

ICT Reverse

ICT Reverse is one of the UK’s leading, fully accredited providers of ICT asset disposal and secure data erasure.

FutureCon Events

FutureCon Events

FutureCon produces cutting edge events aimed for Senior Level Professionals working in the security community, bringing together the best minds in the industry for a unique cybersecurity event.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

DataEndure

DataEndure

DataEndure helps companies build digital resilience so that their critical information assets are protected and available to the right people, at the right time.

Forta

Forta

Forta is a real-time detection network for security & operational monitoring of blockchain activity.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Darknone Global

Darknone Global

Darknone is a consortium of elite hackers and security leaders united by an unbridled passion for augmenting the security of the digital realm.

APIsentry

APIsentry

APIsentry is a leading provider of comprehensive API security solutions, specializing in protecting organizations from a wide range of cyber threats targeting their Application Programming Interfaces.