Rise of digital gangs and vigilantes

By Marcin Kleczynski, CEO and Co-Founder, Malwarebytes

If you’re reading this article, you’re likely already familiar with the frequency and variety of cyber attacks that happen on an almost daily basis. In fact, it seems like almost every week, there’s a new story about how company X was breached and lost millions of customer records or data. And while it used to be common to imagine hackers as hoodie-wearing, Mountain Dew-drinking, computer nerds sitting in dark basements surrounded by stacks of computer parts, the reality is, the sophistication behind today’s attacks goes far beyond what most of us could previously have imagined.

And while the nuances of cybercrime may be unclear to many, the structure, execution, and purpose of these attacks are reminiscent of well-known criminal organizations throughout history, but instead of Tommy guns and violin cases, today’s criminals rely on digital weapons like malware and ransomware to extort and intimidate their victims.

At Malwarebytes, we recently commissioned a study to take a closer look at today’s cybercriminals to better understand and educate the marketplace on how to fight back. What we found was very interesting.

The rise of cybercrime

As the world has become more interconnected, hacking—once considered the wheelhouse of hobbyists and enterprising individuals—has taken a more sinister turn. In the last 20 years, cybercrime has evolved from computer viruses and worms that commandeered a select number of PCs to massive security breaches and cyber attacks affecting millions of individuals and companies.

Motivated by the potential for a quick profit, unprecedented control, and the ability to cause widespread panic, criminal organizations, nation states and ideologists alike have turned to the digital landscape as their new preferred medium for nefarious activity. And because of the low barrier to entry, individuals, and groups can be up and running in with relative anonymity in a very short time, creating a vicious cycle. As more people and organizations engage in criminal activity, cybercrime becomes more sophisticated, which in turn means a greater number of individuals and businesses are at risk.

Furthermore, the pace at which cybercrime is evolving is having harmful effects on the behaviors of both individuals and businesses. For individuals, news of the latest threats and the spread of cybercrime has created a sense of fear that may overstate the risks. For businesses, the difficulty in identifying more sophisticated means of cybercrime can create a false sense of confidence.

Misunderstanding the threat

There are several ways for cybercriminals to target businesses and individuals, these include theft of funds, theft of personal/customer information, wide-scale data breaches, and IP theft to name a few. Any delay in identifying such attacks can lead to confusion around the size and scope of what is really at stake. The growing sophistication of cybercrime and the ability of criminals to evade detection means that businesses often only discover that they are victim months or years down the line—a troubling fact when you consider how quickly cybercrime is rising.

According to PwC’s global economic survey, 32 percent of 6,000 respondents reported having experienced cybercrime in 2016 compared to 24 percent in 2014. Recent data from Malwarebytes confirms this increase, finding that in the first 10 months of 2017, the number of attacks had already surpassed the total for all of 2016.

Turing to the consumer side, we find that things aren’t much better. Because many individuals have only limited first-hand experience dealing with cybercrime, factual coverage and fictional depictions of the realities of cybercrime are often blurred. One of the unfortunate side effects of relying on the news for cybercrime awareness is that there is a tendency to emphasize sensational headlines—usually at the expense of valuable contextual details. Take for example the WannaCry attack in May 2017. Many news outlets reported on the 200,000 infected machines in 150 countries, but far fewer noted that hardly any money had actually exchanged hands—only £108,000 by August 2017.

The new gangs

As mentioned earlier, the relatively low barrier to entry and availability of information online has made it easy for new participants to take up cybercrime. This, in turn, has transformed cybercrime from isolated events into pervasive, wide-scale operations run by distinct groups of individuals. Similar to the criminal gangs that dominated major cities like New York in the 1930s, these new participants are largely attracted to the potential for riches and power.

Similarly, these new cybercriminals often resort to fear, intimidation, and a feeling of helplessness to achieve their goals. Just like mobsters who would muscle into business with threats of violence or “accidents,” cybercriminals are taking command of computers and sensitive personal information, which they use to threaten their victims. These distinct groups— traditional gangs, state-sponsored attackers, ideological hackers, and hackers-for-hire—have become the new gangs of cybercrime. And while each has a unique set of motivations, they all employ a constantly evolving array of tactics to infiltrate, strong-arm and create terror.

As these new gangs continue to evolve and grow, security breaches and cyber attacks have grown in scale as well with ransomware emerging as the latest tool of choice for cybercriminals. The rate of ransomware attacks, as detected by Malwarebytes, exploded by 289 percent in 2016. In fact, between September 2015 and September 2017, the number of ransomware attacks detected increased by 1,988.6 percent. These figures, as well as the high-profile WannaCry and Petya attacks of 2017, illustrate just how quickly the methods of cybercrime can evolve and how quickly they can spread around the world.

Fighting back

Although many law enforcement agencies and regulatory bodies have developed specialist teams devoted to cybercrime, the fragmented, global nature of technology makes it difficult to identify and thwart these illicit activities.

But this is where you can help! Individuals and businesses alike can help the global effort against cybercrime groups by sharing collective experiences to build knowledge and awareness. Creating an environment where the risks are better communicated and understood enables individuals and businesses alike to better identify and prevent threats.

Individuals and businesses with first-hand knowledge of cybercrime can prove invaluable to the creation and sharing of intelligence. Although law enforcement agencies will continue to make great strides, individuals and businesses have the power to change mindsets and help take protection into their own hands.

Unless we begin to accept, share and learn from our collective experiences, cybercriminals will continue to operate in the shadows. We need to start a dialogue to normalize and demystify cybercriminal’s activities.

About the Author

Marcin Kleczynski is the CEO and Co-founder of Malwarebytes. He oversees the strategic expansion of the business, as well as the long-term vision for the research and development teams. Marcin has been recognized for his work in cybersecurity, receiving the Ernst and Young Entrepreneur of the Year award, and being named to the Forbes 30 Under 30. Follow Marcin on Twitter: https://twitter.com/mkleczynski.