Site icon IT World Canada

Cybercrime-as-a-service on the rise: McAfee

Who’s going to be the next cyber attacker your organization will be guarding against?

It could be a state-backed hacking group, a cyber syndicate or a cyber activist. But there’s also a good chance that it could even be a non-tech-savvy individual whose hacking skills are limited to downloading apps from the Web, according to Raj Samani, chief technology officer of McAfee Inc. for Europe, Middle East and Africa.

“It’s gotten to the point where any person, without any IT skills whatsoever, could simply purchase a distributed denial-of-service (DDoS) from Google and launch it against any target,” said Samani, who co-authored the whitepaper report Cybercrime Exposed: Cybercrime-as-a-Service with McAfee Labs senior research engineer Francois Paget. “When we were writing this paper, we knew it wasn’t new, but once we got started, we couldn’t believe the breadth of service available on the Web.”

“All you have to do is type DDoS service in Google and the third or fourth item on the search list will lead you to a site selling denial-of-service attacks,” he said.

RELATED CONTENT

Canada not so innocent in cybercrime
Allstream to lure customers with DDoS promotion

Among the services they found were being hawked on the Internet were:

“These services are available to anyone with a credit card,” said Samani. And with the growing popularity of virtual currencies, the possibilities for anonymity has grown larger.

McAfee also found the underground market for exploit brokers continues to grow. While software vulnerabilities have been available commercially for years, brokering services have been doing pretty well lately.

For instance, Samani said, a recent Forbe’s article identifies a person known only as Grugg who acts as a middleman selling exploits to government agencies. The broker was able to sell an Apple iOS exploit for $250,000 and pocketed 15 per cent of the price.

Read the whole report here

 

Exit mobile version