Wednesday, December 11, 2019
Crimeware and Malware-Based Business for Attackers - myassignmenthelp
Question: Discuss the Crimeware and Malware-Based Business for Attackers.

Answer:

Introduction

Information is an integral part of business organizations and is of utmost significance for users. With the increase in the use of information and data sets, an increased number of risks have emerged in association with information and network security. Various agents and carriers are associated with the occurrence of these risks and attacks. One of the widely occurring forms of these attacks is Crimeware and malware. These attacks may result in varied degrees of impact, ranging from low to severe.

The report describes the definition and meaning of Crimeware and malware, along with recent trends in the area. It also covers the different types of Crimeware and malware activities and gives details on Crimeware as an organized business.

Background of Crimeware and Malware

Attackers and hackers carry out various forms of malevolent activities. One such illegal activity is termed Crimeware. Crimeware is defined as an illegal activity that is executed in an illegal manner and is done to cause damage to the party that is affected. Some of the popular types of Crimeware include spyware, browser hijacking, keyloggers etc. Phishing kits have also been developed so that phishing attacks can be easily executed by attackers that have little or limited technical knowledge (Snyder, 2015).

Another form of such illegal security attacks is the malware attack. There are different types of malware that may be executed, such as viruses, worms, logic bombs, spyware, ransomware, Trojan horses etc. These are malicious codes and programs that are written to cause damage to the systems or the networks on which the malware is launched.
A trigger may be required for the execution of the malware, or the malware may run without the need of a trigger. These malicious codes may or may not be self-replicating in nature; however, the impact that these codes have on the infected system can be extremely severe (Palmer, 2017). The primary motive of the attackers behind the execution of malware attacks is to gain unauthorized access to the systems and the information and to cause damage to the affected party.

Recent Trends in Crimeware and Malware

The trends in the area of Crimeware and malware keep on changing. Zombies, which are also known as botnets, have started to impact a great many systems in the present times. In this form of security attack, Trojan viruses are used to infect the systems and control of each of the infected systems is taken. These systems are then connected in a network, called a botnet, which is then remotely controlled by the attacker. Cyber criminals try to make sure that a larger network of computer systems is impacted and covered in the network. These networks of hundreds and thousands of computer systems are then used to carry out denial of service attacks or distributed denial of service attacks. In this form of attack, the availability of the systems is impacted (Welivesecurity, 2016).

Trojan Horses are malware that have the capability to impact a large number of systems, and the impact is also severe in nature. Banking Trojan gangs have emerged which attempt to steal the banking details and information of customers. These forms of malware result in legal obligations for the banks or the parties that are affected by the attack. Malware codes that are designed and executed have different forms, but the goals of each of these codes are the same.
These codes are designed to cause damage to the systems and the information channels along with the networks that are connected with the same. One of the recent forms of such attacks is Point of Sale (PoS) malware. This is malicious code that attacks a particular business and the sales transactions that are executed in association with such businesses (Scmagazine, 2017).

Another form of malware attack is the ransomware attack. In this form of malware attack, the attackers gain unauthorized access to and control of the system and the networks. The owner of the system is then asked to pay a ransom amount so that control is provided again. Recently, a ransomware attack was carried out by using worms as the malware and the attack took place at a global level. It was termed WannaCry and there were hundreds and thousands of systems that got impacted by the attack in over 150 countries. After the execution of WannaCry, the attackers have been successful in creating many such attacks and occurrences (Savage, 2015).

Mobile devices and mobile applications are being increasingly used by business organizations. These devices and applications are often the carriers as well as the victims of malware attacks. There are increased authentication vulnerabilities that have emerged in mobile-based systems and applications with the implementation of two-factor authentication. New forms of malware have been designed which have the capability to impact the mobile device as well as the service that is used. Such forms of malware and Crimeware have the ability to cause significant damage to the device and application.

Internet of Things (IoT) based applications are in trend in recent times. These IoT-based applications also fall victim to malware and Crimeware attacks. There are IoT-based malware codes that are designed so that the information that is present in the applications is accessed in an unauthorized manner.
There are many new entrants in the market that are providing users with IoT-based applications. However, such new entrants do not have sufficient funds to install security patches and avoid the security risks and attacks. This leads to an increase in the probability and likelihood of the attacks.

Mobile payments are also exposed to a number of security risks and attacks. The probability of malware and Crimeware in mobile payments has increased in the last few years. This is because the use of mobile applications and devices, along with mobile-based services, has increased. Many of the viruses and worms are designed to target the financial payments and transactions that take place through mobile devices and applications. These malicious codes capture the details of such transactions, which are later misused, causing significant damage to the user and the business organization involved.

Types of Crimeware and Malware Activities

There are various types of Crimeware and malware activities that are executed by the attackers. Some of the types of such activities include organized crime, ad fraud, hacktivism, credential harvesting, payment systems fraud, medical data fraud, bank fraud and many more. Most of these activities are executed with the motive of some form of monetary gain.

Ad frauds are carried out by attackers and include the release of advertisements by making use of fake traffic. In this manner, the advertising network gets paid as it looks like the advertisement has been viewed by the users.

Payment system frauds are becoming increasingly common with the use and application of electronic payments. They are carried out by directly impacting the payment system or by making use of money laundering.

Medical records fraud is also done with the motive to gain money and cause damage to the party that is impacted.
In this form of Crimeware or malware activity, the medical data of a particular entity is captured and stolen and is then provided to an unauthorized user.

User names and passwords are also stolen and then misused so that entry to the user account can be made. Once the attacker succeeds in gaining entry to the user account, all of the associated information gets exposed. This information is then passed on to the competitors or the enemies of the organization.

There are loosely organized groups that are involved in the execution of the malware/Crimeware activity called hacktivism. These groups organize these attacks for ideological or political reasons. Hacktivism is further classified into three categories: nuisance, disruptive and destructive. Twitter handle takeovers are an example of nuisance hacktivism, which is executed to cause social disturbance. Other forms of Crimeware/malware, such as botnets and distributed denial of service (DDoS) attacks, are disruptive in nature. In destructive hacktivism, the data of an organization or the personal device of a user gets impacted.

Bank fraud is a type of malware activity in which the primary targets are banks and financial corporations and organizations. In these attacks, the attackers make use of techniques such as phishing or spoofing to trick the executives and users that are associated with the banks. This leads to the passage of sensitive financial details and information to unauthorized entities. These activities can have devastating impacts on the users that are affected and also on the organizations. An increasing number of such cases are being reported with the use of electronic transactions in the field of banking and accounting activities.

Technical development is an important aspect of Crimeware and malware activities.
There are various tools that are required for the execution of such tasks, and these tools are first analyzed by the attackers and hackers in terms of their need, design and development process. These tools are also developed as part of the entire lifecycle of the malware or Crimeware and are then used to carry out the attack.

Crimeware as an Organized Business

Crimeware has emerged as an organized business after the increased probability of the attacks and the enhancement of the attack surface and attack window. There is a specific and designated human resource department that is set up to look for various skills, and there are job opportunities that people look for. Some of these profiles and job opportunities include tool development, cyber laundering, recruiting, sales and marketing, legal, background checks and escrow services.

The educational qualification that is necessary to get into the business of hacking can range from negligible to extremely specific. For instance, the execution of certain types of attacks, such as brute force attacks, requires no specific educational skills. However, some of the advanced forms of attacks demand knowledge of a certain programming language or coding platform.

There are tools that are necessary for the execution of security attacks and Crimeware. There are jobs that are available in this area, and the resources that are qualified for the same are provided with the opportunity to develop and deploy such tools.

Trust plays an extremely significant role in the Crimeware business. This is because the hackers also have a huge network that is used to carry out a security risk or an attack. The hack job that is to be executed, and the information about it, need to be kept confidential until the execution of the attack is complete. Roles of guarantors and recruiters have been created to serve this purpose. These entities select and identify the resources that will not cheat and will serve their purpose and duty to the fullest (Gcc, 2017).

The primary goal of any business task or activity is to achieve results at minimum cost. The same holds for the Crimeware business as well. Region or location plays an extremely important role in the case of Crimeware or malware. This is because many attacks are executed on the basis of the location of the user or the system. The occurrence of cyber-based attacks is always virtual in nature; however, the location of the actor is also significant. There may be cases wherein the attacker is not experienced and makes it easy to obtain information on his or her location. In such forms of attack, the probability of being caught increases, which is a negative point for the continuity of the Crimeware business.

Support and maintenance are also two types of operations that are involved in the Crimeware business. The tools that are used to create the Crimeware or the malware need security patching and updates. In the absence of these updates, the performance of these tools may deteriorate and their purpose may not be served. Therefore, support is an essential operation in the Crimeware business. A support staff is also present in the organized Crimeware business, and the members of this staff resolve the incidents that are reported (Vogel, 2016).

Cash flow and cyber laundering are a significant part of the Crimeware business. Money is required for the execution of Crimeware activities, and it is necessary to ensure that this money is represented as authentic and clean. The conversion of illegal and dirty money to clean money in cyberspace is a part of Crimeware operations. Various layers and networks have been set up by such malevolent entities to represent the fake or illegal activity as a real entity. It then becomes very difficult to tell the difference between real and fake.

Escrow services are also involved in the Crimeware business. These are the services and the entities that act as a mediator between two parties involved in the execution of a Crimeware activity. For instance, if an entity wishes to buy an exploit from another entity, then escrow services provide verification and validation on the same. It is only after the approval that the process can be termed as completed (Taylor, 2016).

Technical development in the Crimeware business is not restricted to the development and maintenance of the tools only. A great deal of research is also required to make sure that the process of technical development is adequate. Research is an important part of technical development and includes activities such as credential harvesting, uncovering of zero-day vulnerabilities, new technological exploration, development of botnets, scanning media coverage and many more (Bullguard, 2017).

Credential harvesting is a process in which the credentials of user accounts are targeted. User names and passwords are stolen and then misused so that entry to the user account can be made. Once the attacker succeeds in gaining entry to the user account, all of the associated information gets exposed. This information is then passed on to the competitors or the enemies of the organization.
The information that is acquired helps in the process of research and analysis along with technical development.

Botnets are also discovered as part of the process of technical development. In this step, Trojan viruses are used to infect the systems and control of each of the infected systems is taken. These systems are then connected in a network, called a botnet, which is then remotely controlled by the attacker. Cyber criminals try to make sure that a larger network of computer systems is impacted and covered in the network. These networks of hundreds and thousands of computer systems are then used to carry out denial of service attacks or distributed denial of service attacks. In this form of attack, the availability of the systems is impacted. There are also many other activities that are carried out in the process of research.

Marketing and sales are also an important part of the entire chain of Crimeware activities. In this operation, information regarding the hacking and Crimeware activities that are performed is spread to other entities and businesses present in the same field. This spreads awareness about the work being done, and the opportunities and skills that may be required are also identified.

Crimeware has succeeded in setting up as an organized business as it involves the activities and operations that are otherwise involved in all other forms of business.

Conclusion

Various agents and carriers are associated with the occurrence of these risks and attacks. One of the widely occurring forms of these attacks is Crimeware and malware. Crimeware is defined as an illegal activity that is executed in an illegal manner and is done to cause damage to the party that is affected. Some of the popular types of Crimeware include spyware, browser hijacking, keyloggers etc.
There are different types of malware that may be executed, such as viruses, worms, logic bombs, spyware, ransomware, Trojan horses etc. These are malicious codes and programs that are written to cause damage to the systems or the networks on which the malware is launched. A trigger may be required for the execution of the malware.

The trends in the area of Crimeware and malware keep on changing. It is therefore necessary to make sure that information on such trends is always gained so that countermeasures are accordingly created and implemented. There are various types of Crimeware and malware activities that are executed by the attackers. Some of the types of such activities include organized crime, ad fraud, hacktivism, credential harvesting, payment systems fraud, medical data fraud, bank fraud and many more.

References

Bullguard (2017). What are zero-day attacks?. [online] Bullguard.com. Available at: https://www.bullguard.com/bullguard-security-center/pc-security/computer-threats/what-are-zero-day-attacks.aspx [Accessed 6 Oct. 2017].

Fireeye (2017). Recent Zero-Day Exploits | FireEye. [online] FireEye. Available at: https://www.fireeye.com/current-threats/recent-zero-day-attacks.html [Accessed 6 Oct. 2017].

Gcc (2017). The Business of Hacking. [online] Available at: https://www.gcc.com.cy/news/HPE/The_business_of_hacking.pdf [Accessed 8 Oct. 2017].

Palmer, D. (2017). This Android-infecting Trojan malware uses your phone to attack your router | ZDNet. [online] ZDNet. Available at: https://www.zdnet.com/article/this-android-infecting-trojan-malware-uses-your-phone-to-attack-your-router/ [Accessed 6 Oct. 2017].

Savage, K. (2015). The evolution of ransomware. [online] Available at: https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-evolution-of-ransomware.pdf [Accessed 6 Oct. 2017].

Scmagazine (2017). Three and a Half Crimeware Trends to Watch in 2017. [online] SC Media US. Available at: https://www.scmagazine.com/three-and-a-half-crimeware-trends-to-watch-in-2017/article/630485/ [Accessed 8 Oct. 2017].

Snyder, B. (2015). Hacking is a business -- and business is good. [online] InfoWorld. Available at: https://www.infoworld.com/article/3011447/cyber-crime/inside-the-hacking-economy-the-business-of-cyber-crime.html [Accessed 8 Oct. 2017].

Taylor, H. (2016). A $445B economic threat you aren't prepared for. [online] CNBC. Available at: https://www.cnbc.com/2016/02/05/an-inside-look-at-whats-driving-the-hacking-economy.html [Accessed 8 Oct. 2017].

Vogel, M. (2016). Hacking as a business model. [online] Florida Trend. Available at: https://www.floridatrend.com/article/19472/hacking-as-a-business-model [Accessed 8 Oct. 2017].

Welivesecurity (2016). Trends in Security Everywhere. [online] Available at: https://www.welivesecurity.com/wp-content/uploads/2016/02/eset-trends-2016-insecurity-everywhere.pdf [Accessed 8 Oct. 2017].