Hackers` black market is a growing threat to govts, bizs: Rand

Black markets that sell computer hacking tools and services like stolen credit card numbers continue to grow, posing a growing hazard to governments, businesses and individuals, a study by RAND Corporation said.

New Delhi: Black markets that sell computer hacking tools and services like stolen credit card numbers continue to grow, posing a growing hazard to governments, businesses and individuals, a study by RAND Corporation said.

The global study, Markets for Cyber crime Tools and Stolen Data: Hackers` Bazaar, was sponsored by IT and computer networking firm Juniper Networks.

The report states that black and gray markets for hacking tools, services and byproducts are growing in size and complexity.

"The hacker market, once a varied landscape of discrete, ad hoc networks of individuals initially motivated by little more than ego and notoriety, has emerged as a playground of financially driven, highly organised and sophisticated groups," it said.

In certain respects, black market can be more profitable than the illegal drug trade. The links to end-users are more direct and because worldwide distribution is accomplished electronically, the requirements are negligible, it added.
"RAND`s report, confirmed by Juniper`s vast experience in the network security ecosystem, suggests that cyber black markets are a mature and growing multi-billion-dollar economy with a robust infrastructure and social organisation.

RAND report reveals that cyber black markets, like any other economy, react to market forces like supply and demand, and continue to evolve.

"Like other forms of e-commerce, many data records, exploit kits and goods are bought and sold from storefronts, which can encompass everything from instant messaging chat channels and forums to sophisticated stores," it said.

RAND`s study found that some organisations can reach 70 to 80,000 people, with a global footprint that brings in hundreds of millions of dollars.
The study said that not only goods, but criminal services are also available for purchase.

"These tools, sold on the black market as traditional software or leased like any other managed service, can help enable the most unskilled hackers to launch fairly elaborate and advanced attacks," the study said.

Citing examples, RAND said it found botnets, which can be used to launch a Distributed Denial of Service (DDoS) attack, are sold for as low as USD 50 for a 24-hour attack.

Cyber black market transactions are often conducted using digital currencies like Bitcoin, Pecunix, AlertPay, PPcoin, Litecoin, Feathercoin and Bitcoin extensions like Zerocoin.

"RAND found many criminal sites are starting to accept only digital crypto currencies due to their anonymity and security characteristics," it said.

On the working profile of criminals, the Corporation said it found cyber criminals from China, Latin America and Eastern Europe being known for quantity in malware attacks, while, those from Russia tend to be thought of the leader in quality.

RAND also found areas of expertise and focus in this regard in different countries. Many Vietnamese criminal groups mainly focus on e-commerce hacks, it said.

Cyber criminals from Russia, Romania, Lithuania and Ukraine focus on financial institutions and many Chinese cyber criminals specialise in intellectual property, it added.

The study also found US-based cyber criminals primarily targeting US-based financial systems.

"Even the criminal cyber black market has criminals. Known as rippers, these specific bad guys do not provide the goods or services they claim," the study said.

The research study was conducted by the Acquisition and Technology Policy (ATP) Center of the RAND National Security Research Division (NSRD).

NSRD conducts research and analysis on defence and national security topics for the US and allied defence, foreign policy, homeland security and intelligence communities, among others.

The research report is based on in-depth interviews conducted by RAND between October and December 2013, with global experts who are currently or formerly involved in the market, including academics, security researchers, reporters, security vendors and law enforcement.

It is the first of a series of reports from RAND that are sponsored by Juniper Networks.