A small subset of professional criminal actors is responsible for the bulk of cybercrime-related damage, employing tools and techniques as sophisticated, targeted and insidious as most nation-state actors, says the State of Cybercrime Report 2018.
These sophisticated and capable criminal gangs operate largely outside of the dark web, although they may leverage low-level criminal tools occasionally when it serves their purposes.
Key findings were the following:
- The boundary between nation-state and cybercriminal actors continues to blur.
- Ransomware continues to be a serious threat.
- Sophisticated criminal gangs are earning millions of dollars of revenue through stolen payment card data.
- The dark web is not the darkest depth of the cybercriminal world.
Cybercriminal activity remains a robust market economy
Sophisticated criminal gangs have combined advanced social engineering (expertise in deception and manipulation) and network intrusion techniques with point-of-sale (POS) malware to generate millions of dollars of revenue through stolen payment card data.
Cybercriminals are also clever about monetizing card data even after the theft has been discovered, and credit card dump sites such as JokerStash have come under scrutiny as a possible way for sophisticated criminals to do just that.
Cybercriminal activity remains a robust market economy because it is adaptive and constantly evolving, to stay ahead of it, it is imperative that organizations develop a holistic understanding of the landscape and how it relates to them.
How can you avoid cybercrime?
- Use stronger passwords and change them on a regular basis.
- Activate your firewall. Firewalls are the first line of cyber defense.
- Check your security settings. Be careful what information
you post online. - Secure your mobile devices
- Protect your data. Use encryption for your most sensitive files such as tax returns or financial records.
- Secure your wireless network. Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured.
- Avoid being scammed. Always think before you click on a link or file of unknown origin.
- Call the right person for help. If you suspect a computer crime, identity theft or a commercial scam, consult with your service provider or a certified computer technician.