Examining the rise of the digital mafia
Looking at digital transformation in business: in 2016, Locky spawned a file-encrypting epidemic. Since then, it has become the most prevalent ransomware on the planet.
Targeting healthcare institutions, telecom companies, universities and governments, as well as individual users, its continuous, pitch-perfect campaigns demonstrate how organised crime is digitising faster and more successfully than many “legitimate” enterprises.
Companies and entire national economies today face the Herculean task of making sure their digital transformation is a secure one.
No easy task, when you consider how online criminal syndicates are pooling resources, utilising spear phishing, ransomware and DDoS attacks to extort monies from victims of all sizes.
The emergence of Locky, a new strain of ransomware, early in 2016 demonstrates just how successful cyber criminals are becoming at mastering the digital transformation agenda.
Locky’s creators invested significant time and resources in product development – identifying the best user interface, performance and encryption security protocols – so much so, that the FBI actually recommended victims pay the ransom to get the correct decryption code.
To support their programme, the criminals created a “customer help centre” to handle sales and support. If victims have problems decrypting their data, online “staff” are on hand via chat rooms to walk “customers” through the process.
This ensures that there are no negative social media reports from victims who, having paid up, are unable to regain access to their files.
When it comes to propagating Locky, the online criminals have done their homework. In December their latest phishing campaign reached millions of “customers” in over a hundred countries within just days.
Most startups would be overwhelmed by such success, but the distributors of Locky have created a highly mature online infrastructure to manage high volumes of “customer” payments and enquiries – in multiple languages – from the victims that they target.
A short history of cyber crime
Historically romanticised as “geeks and savants” who were a force for good, back in the 1970s hackers began life as technology enthusiasts who explored or tested the limits of programmes and communication networks.
But by the 1990s, a new generation of malicious hackers was emerging, and within ten years the hacking community had become much more complex and fragmented.
Today, it spans a whole spectrum of actors – including security researchers and bug bounty hunters, hacktivist groups like Anonymous, as well as sophisticated and highly organised criminal groups.
Unsurprisingly, the Mafia has also proved adept at rapidly transferring its operations online and adopting digital business models and processes to undertake money laundering, fraud, trafficking and extortion activities.
Indeed, digitisation offers multiple advantages for organised crime syndicates, enabling operational efficiencies, extended geographic reach and anonymity.
Driven by profit, these cyber crime bosses are recruiting armies of well-trained IT specialists – who often operate out of low-wage countries and emerging markets – to execute Internet-powered operations and campaigns.
An ever-evolving threat
In recent years we’ve witnessed the growing “commoditisation” of cyber crime tools. Today, it’s easy to buy pre-configured hacking tools on the Dark Web, where advanced threat packs, zero-day threats and cracking packages for IT infrastructures are all readily available.
Customers for these user-friendly tools include criminal organisations, terrorists and state-sponsored entities.
Indeed, intelligence agencies confirm that terrorists, mafia cartels and criminal hackers are increasingly collaborating to share information, resources, procedures and practices in order to pursue their varied goals more effectively.
It’s a worrying trend that highlights just how adept criminal groups are becoming at creating global teams – building out digital supply chains that enable them to pursue highly adaptive strategies and capitalise quickly on identified opportunities.
It’s a transformative move that is set to see criminal organisations, many of which are state-sponsored, using DDoS attacks of unimagined proportions to paralyse critical infrastructure.
But while major institutions and global corporations represent tempting targets, hackers also know that small businesses can be a similarly lucrative opportunity.
Ransomware attacks are cheap to operate and many smaller organisations aren’t appropriately prepared to defend against such a threat.
Over the coming year we can expect to see hacker behaviours and targets evolving. For example, cyber criminals can now take advantage of the ubiquity of the smartphone to undertake micro hits on individuals around the globe, confident that investigating authorities will be unable to pursue such mass extortion tactics.
Taking steps to protect digital assets
Criminals are already ahead of the game when it comes to seizing the potential of digital transformation. In comparison, large and small companies and entities often struggle to achieve digital transformation or struggle to secure their digital enterprise once they have embraced a more digital way of doing things.
Taking a “Security by Design” approach is becoming a critical requirement. This means ensuring the necessary security systems and approaches are evaluated at the planning and design stage, whether that’s for mobile devices and wearables, back-end devices – including cloud – or networked IoT devices, from the printer, to CCTV, to every last connected sensor.
This approach will significantly reduce the attack vectors that cyber criminals can utilise to infiltrate the digital enterprise.
It also makes infiltration a resource-intensive and therefore expensive task for attackers, with potentially limited opportunity.
Security no longer has to be a limiting factor in the digital journey, but it is an essential one if companies expect to thrive and survive in the era of digital transformation.
Wieland Alge is VP and GM EMEA at Barracuda Networks