Cyberattack Service Providers and Extent of the Cybercrime Ecosystem

This is an Alert for the CYBER MARKET PULSE, a series from eosedge Legal – Strategic Partner of IR Global offering commentary about cyber risks and the marketplace.   

In this Alert, we are informing all IR Global members about the manner in which cyberattackers collaborate to monetize hacking, in this case ransomware attacks.  That said, the primary objective here is to inform members about the extent and maturity of the attacker network.  Recently, at the West Coast group meeting in Sonoma, CA, among IR Global members, I spoke about the proliferation of cyber threats.  This Pulse expands upon that message.

Here is a story where Google’s Threat Analysis Group reported on “access brokers” who sell victim prospects to notorious ransomware gangs.  https://techcrunch.com/2022/03/17/google-exotic-lily-conti-ransomware/  In other words, similar to how ordinary businesses rely upon business partners for leads, business development and other non-core services, to allow the provider business to focus on its core competency, ransomware gangs and other hackers pay other malicious actors for leads to vulnerable businesses.  These access brokers use scanning tools to detect businesses which have not patched systems or for other vulnerabilities, or perhaps even hacked access in some situations, so that the victims can be targeted by the ransomware gangs.

Further, attackers can buy or rent off the black market (aka darknet) botnet capacity, hacking-as-a-service tools, malware code, and other ways and means to exploit a victim.  The last Pulse also shared information about the spillover of zero-day attack resources spreading in the “wild” as a result of the war in Ukraine.

Attacks are up, so your preparedness and readiness needs to improve.  As discussed in Sonoma, global cybercrime theft, measured in US dollars, exceeds the GDP of many nations – reliable sources put the amount of losses at $1 Trillion annually (and growing).  And it’s worth noting that most network compromises go unreported.  Another earlier Pulse informed members where to look to improve Cyber Readiness in 2022.        

eosedge Legal is the trusted partner to the IR Global membership for cyberlaw and security services.  The Cyber Market Pulse is a recurring feature concerning risks and opportunities in cyberspace.