Some Hackers Earn $2m A Year

Uploaded on 2020-07-22 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

The escalation in cyber-crime has significantly increased. Compared to other criminal activities cyber-crime has relatively low risks and criminals have realised that they can make more money, with less risk of getting caught, and receive smaller penalties if they do get caught, by manipulating cyber technology for their own advantage.

Recent research finds that a number of cyber criminals are earning around $2m annually and others between $40k to $1m and so criminal activity has increased significantly. Now, organised criminal gangs are using the electronic connected world to cyber-attack and hack globally.
 
Nevertheless, hackers spend as much time designing their attacks as they do finding ways to stay below the radar. A single slip-up can result in the end of their malicious enterprise.

But there is some recent good news that European police have recently arrested more than 800 people after shutting down an encrypted phone system, EncroChat, used by organised crime groups to plot murders and drug deals. More than two tonnes of drugs and £54m in cash, sub-machine guns, an  assault rifle, high value cars and luxury watches were impounded, says the British National Crime Agency (NCA). 

The top-secret phone system had been used by criminals to trade drugs and guns has been successfully penetrated and shut down.

The NCA worked with forces across Europe on the UK's "biggest and most significant" law enforcement operation. However, many other cyber criminals are using malware, DDoS and phishing attacks on companies and individuals that have poorly protected data.

The Dark Web provides the perfect platform for hackers to trade their stolen data. It can only be accessed using specialist software, and any websites hosted on the Dark Web are encrypted and can’t be found using traditional search engines or browsers.

In the UK, cyber-crime and fraud are now the most common offences, with around ten percent of the population getting hacked successfully. More than five and a half million cyber offences are thought to take place each year which accounts for almost 50% of all UK crime. Despite the scale of the problem, more than 80% of all these crimes are not reported to the police. Therefore, cyber criminals are rarely caught and prosecuted because they are virtually invisible. Crime has transformed with the digital age and police forces around the world are now having to rapidly adapt in order to tackle the problem.

The global nature of the problem has called for a global response, and many international law enforcement agencies are now working closely together to take down some of the world’s biggest cyber criminals.

Due to the sophisticated tactics that hackers use to cover their tracks, it’s extremely difficult to catch them and bring them to justice. Only around 4/5% of cyber criminals are apprehended for their crimes which demonstrates just how challenging it is for law enforcement agencies to arrest and prosecute these offenders.

Hackers will often use secure software such as a proxy server to hide their identity and funnel their communications through lots of different countries in order to evade detection.

Other technologies like Tor and encryption enable them to add multiple layers to mask their identity. The combination of these tools allows them to commit their crimes undetected and in countries where they know they can’t be prosecuted.

Tracking hackers down is laborious and often takes a lot of time, collaboration and investigative research. Specialist cybercrime units need to be assembled in order to retrieve and analyse any potential evidence. Encrypted files will need decrypted, deleted files recovered and passwords cracked.

Catching Hackers

Despite what may seem like an insurmountable task, hackers are human and make mistakes. It’s often these careless errors that will trip the criminals up and leave a trail of evidence that the police can follow. The majority of cyber-crimes are financially motivated, however for a large number of hackers it’s the thrill of the hack and the excitement of bringing down a company’s computer system that motivates them.

Following an attack, many will turn to hacker’s forums to brag about their exploits and this often provides police with the vital clues they need to start identifying the person responsible. Some cyber police operations have found effective way to lure cyber criminals in and find out more about how they operate and who they are. Essentially, they’re a decoy computer system set up to mimic a likely target for an attack.

The systems will contain data and applications that will trick hackers into thinking they are attacking a legitimate target.  The information gathered from these dummy attacks can provide valuable information on who is responsible and if there are any similarities that links the individual to other attacks.

A hacker can gain access to your organisation easily when your staff are not following your internal policies and procedures and it is very important that your management and employees receive cyber training that they engage with and use.

PaCCS Research:      Metacomplinace:       Metacompliance:     Web Professionals:        TechTarget:     

Cyber Security Intelligence recommends GoCyber cyber training for all employees and management:

Click HERE to register for a  free GoCyber demo

You Might Also Read: 

Young Hacker Makes $1m. Legally:

 

« Iran Threatens Retaliation For Cyber Attack At Nuclear Site
The Key Cyber Security Challenges »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Webroot

Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

FoxGuard

FoxGuard

FoxGuard develops customized cyber security, compliance and industrial computing solutions for critical infrastructure entities and control system vendors.

Asoftnet

Asoftnet

Asoftnet are specialists in IT security, IT forensics, IT service, websites, applications and mobile solutions.

MaskTech

MaskTech

MaskTech supplies highest security embedded chipsets, operating systems and related middleware for electronic identification cards, travel documents and authentication solutions.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

SmartContractAudits.com

SmartContractAudits.com

SmartContractAudits.com is the leading platform for finding companies providing smart contract auditing services.

Secure Blockchain Technologies (SBT)

Secure Blockchain Technologies (SBT)

SBT is a team of Enterprise IT Security Professionals weaving security and Blockchain Technology into our customer’s operational fabric.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

International Association of Security Awareness Professionals (IASAP)

International Association of Security Awareness Professionals (IASAP)

IASAP provides a members-only virtual sharing platform where security awareness professionals engage in a lively, year-round exchange of information and ideas.

Altospam

Altospam

Altospam is a full service corporate email protection, integrating multiple security levels for your emails.

SecureCyber

SecureCyber

Secure Cyber Defense offers industry-leading technology and managed detection and response solutions.

Lupasafe

Lupasafe

Lupasafe is an all-in-one cybersecurity platform for MSPs and SMEs. See all your cyber risks: From training to phishing, darkweb scans, continuous tech monitoring, AI insights, reporting & compliance.

8kSec

8kSec

8kSec is a cybersecurity company specializing in training, consulting, and research.

ManagedMethods

ManagedMethods

ManagedMethods is a leading Google Workspace and Microsoft 365 data security and student safety platform for K-12 schools.