Academic journal article Defense Counsel Journal

Hackers' Bazaar: The Markets for Cybercrime Tools and Stolen Data

Academic journal article Defense Counsel Journal

Hackers' Bazaar: The Markets for Cybercrime Tools and Stolen Data

Article excerpt

MALICIOUS hackers and cyberattacks are getting more attention these days - a result of both an uptick in the number amount of attacks as well as of increased public attention and fascination.

2014 was the year the hack went viral. Notable data breaches included those at retail giants Target and Home Depot, health-care provider Community Health Systems, financial institution J.P. Morgan Chase, and entertainment giant Sony. For the retail sector in particular, the stolen data from these hacks appeared within days on black market sites.

These cyber black markets offer the computer-hacking tools and services to enable and carry out cybercrime attacks, as well as the byproducts from those attacks - the stolen credit cards, personally identifiable information, and intellectual property.

The RAND Corporation, with support from Juniper Networks, wanted to understand the landscape and the character of these cybercrime black markets: what the markets look like today, where they came from, as well as where we're headed in the future.

To do so, we sought out and interviewed experts ranging from academics, to security researchers, reporters, security vendors and law enforcement personnel - folks who have a personal connection to these markets, from a variety of angles. We also reviewed literature and technical reports on this topic and personally observed some of the marketplace forums and websites.

The markets for cybercrime tools and stolen data have become so pervasive and accessible that the malicious hacking trade today can for some people in certain aspects be more lucrative and easier to carry out than the illegal drug trade. The hacking trade has matured into specialized markets, in which those who have gained the greatest access deal freely in its tools and spoils: exploit kits (software for creating, distributing, and managing attacks), botnets (remotely controlled computers used for sending spam or flooding websites), "asa-service" offerings (hacking for hire), compromised hosts, and a continually flooded market for stolen credit-card numbers and other personal credentials.

These markets are dispersed, diverse, and segmented; constantly changing and innovating to both keep pace with consumer trends as well as to prevent lawenforcement and security vendors from understanding them. They come in many forms. Some are dedicated to one product or a specialized service. Others offer a range of goods and services for a full lifecycle of an attack - from the tools needed to exploit a system, all the way through to the cyber laundering of the stolen goods.

I. The Current State of These Markets: Where Are We Now?

Today, the markets for cybercrime tools and stolen data are quite advanced. Cybercrime markets are rapidly growing, maturing, and continuously innovating. They are full of increasingly sophisticated organizations, people, products, and methods for communicating and conducting business transactions. They are resilient in the face of takedowns and constantly adapting to new tactics and techniques of law enforcement and computer security vendors. Finally, they are easy to enter.

II. How Did We Get Here?

Less than 15 years ago, cybercrime was committed by ad hoc networks of individuals motivated largely by ego and notoriety, who mostly wanted to get on to systems and prove themselves to one another. Job opportunities and fame resulted from this display of technical abilities. This was the age of the lone-wolf hacker, where most participants had some sort of technological skill and already knew each other on- or off-line.

Cybercrime grew as more of the world gained a digital component. Access to computing technology became more prevalent, and there were more technologically savvy people. Criminal enterprises recognized this as a golden opportunity to exploit users and systems for less risk than through traditional crime avenues. As a result, motivations shifted towards financial gain, and more crime contained a digital nexus or electronic connection. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.