Categories
Cyber Security Education

Improve your Business IT Security

3 Ways to Improve Business IT Security


Computers, devices and the internet are woven into the fabric of our daily lives, making it easy for us to forget that online interactions and email messages aren’t always benign.

The unfortunate results of a barrage of cyberattacks in the past year alone have clearly demonstrated that cybercriminals are putting in work to expand their operations. In fact, recent cyberattacks have illustrated just how many aspects of our daily lives are impacted by cybersecurity, from shopping to seeing the doctor.

Protecting your business from cyberattacks may seem like a daunting prospect – in an IBM blog post, 25% of SME business owners said that they didn’t even know where to start with cybersecurity. However, no one has extra budget these days – a third of those SME IT decision-makers pointed to a lack of budget or resources as their biggest blocker to cybersecurity success. But businesses don’t have to blow their budgets to make security improvements.

These three tips can help every business be Cybersmart and stand tall in the face of surging cybercrime for less.

1. Build Better Passwords

The first action that businesses can take doesn’t cost a penny: improve password security.

Cybercriminals know that the easiest, fastest way for them to gain entry to your systems and data is with a legitimate password and they’re doing everything possible to snag one – the more privileged that password is, the better. That’s why it’s paramount that you establish and enforce strict rules about generating passwords in your business. The Verizon/Ponemon Institute Data Breach Investigations Report 2021 revealed that bad, cracked, stolen and recycled passwords were the biggest data breach menace that businesses of every size face. More than 60% of the businesses that they analysed had suffered a cyberattack that began with a compromised credential and ended in a data breach.

3 Fast Facts About Password Danger

Credentials were the top type of information stolen in data breaches worldwide in 2020.

About 60% of passwords that appeared in more than one breach in 2020 were recycled or reused.

An estimated 65% of employees use the same password across multiple work and home applications.

It’s not hard for cybercriminals to find a company’s legitimate passwords through password cracking software or even just outright guessing. How does that work? People love to talk about themselves and their interests online. Does your LinkedIn profile talk about how devoted you are to your favourite football team? Is your Facebook full of Baby Yoda memes? Do you share makeup tips from Instagram influencers every day? All of these things give cybercriminals clues that help them figure out your password.

Simple, common, recycled passwords make a cybercriminal’s job easy if they’re using password cracking or credential stuffing too. Why? Based on an analysis of the data that was collected in 2020, an overwhelming majority of passwords fit into one of 20 common categories. That fact allows cybercriminals to use huge lists of passwords stolen in earlier breaches to conduct future cybercrime operations.

Almost 60% of employees use a person’s name or family birthday in their passwords, 33% include a pet’s name and 22% use their own name. On top of that, 49% of users will only change one letter or digit in one of their preferred passwords when required to make a new password. Don’t make it that easy for the bad guys.  

Password Dos & Don’ts

Don’t reuse or recycle a password anywhere for any reason.

Do build strong unique passwords for every online account

Don’t make passwords that fall into a common category

Do make sure your password isn’t easy to guess

Do consider using a password manager to maintain your list of unique passwords

2. Include everybody on the Security Team

Cybersecurity isn’t just a job for the IT department, but that can be hard for employees to recognise, especially if they don’t consider themselves “tech people”. Unfortunately, that perception often leads to employees not engaging with security awareness training and not carrying the good cybersecurity practices that they learn over into their everyday actions. That expectation may also be at work on the executive end of the equation too. By not running regular training sessions or only giving a few employees training against certain threats, companies fail to utilise all of their human resources to keep an eye out for trouble. Internal blockers can also discourage employees from taking an interest in cybersecurity, a tragedy in a time when businesses need all the help that they can get. Eliminating those blockers will create a stronger security culture, making your business more cyber resilient.

3 Facts About Employee Security Attitudes

Just under 30% of employees fail to report cybersecurity mistakes out of fear. 

A full 50% of employees don’t report clicking on a phishing email to avoid disciplinary action.

An estimated 60% of employees open suspicious emails for fear of misidentifying a message.

No employee should be afraid to ask for help around security issues. When employees fear losing their jobs because of a security mishap, small problems don’t get reported, giving them time to grow into giant disasters. Improved security awareness can also quickly reduce a company’s risk of malicious insider incidents. In a business with a healthy cybersecurity culture, employees feel confident that they can ask for help freely whether they just have a question, they made a mistake, they are unsure about something or think that they have spotted a phishing attempt, and that brings benefits that can’t be measured. 

Security Culture Dos and Don’ts

Don’t threaten employees with termination if they make a security mistake

Do make it easy for employees to ask questions or get help around security

Don’t just make cybersecurity the IT department’s job

Do make every employee feel that they are invested in company security

Don’t fail to set policies that encourage smart security behavior

Don’t have one set of policies for employees and another for executives

3. Empower Employees with the Right Training and Tools

If you want your employees to protect your business from cyberattacks, they’re going to need a quality toolkit and the training to notice potential trouble spots. The power of security awareness training is immense, and it starts right away.

In a UK study on the effectiveness of phishing simulations, researchers discovered that 40 – 60% of the surveyed employees were likely to open a phishing message at the beginning of the study. However, after about 6 months of training, the percentage of employees who took the bait dropped 20% to 25%. Even better, after 3 to 6 months more training, only 10% to 18% were likely to open a phishing message, a steep decline. 

Regular security awareness training clearly works. Having the right tools available is also essential. If you’re relying on old, clunky, hard-to-use tools for your day-to-day operations, you’re not only opening your business up to security risks from potential cyberattacks, you’re also making it hard for your employees to follow safe behaviours or take security seriously – and that can mean the difference between a crisis averted and a disaster landing on your doorstep.

3 Facts About Security Tools

One tool, multifactor authentication, stops 99% of password-based cybercrime

Automated email security catches 40% more phishing messages than conventional security or a SEG

Security awareness training reduces the chance of a damaging security incident by up to 70%

It’s not necessary for businesses to splash out cash on dozens of fancy security tools. Having too many security tools is just as bad as having too few. But it is essential that you provide the right tools and training to build a foundation for cybersecurity success. However, a stunning one in three small businesses with 50 or fewer employees relies solely on free or consumer-grade cybersecurity tools for protection. Even worse, an astonishing 60% of business leaders revealed that their companies didn’t have a cyberattack prevention plan in place at all and had no foundation for incident response. Give your employees the tools, training and support that they need to succeed and they will help keep your business safe in a stormy cybersecurity landscape.

Training and Tools Dos and Don’ts

Don’t use security awareness training as a punishment

Do run security awareness training at least 11 times per year

Don’t make employees afraid to lose their jobs if they report issues

Do make sure that everyone from the Directors to the apprentices receives regular training

Don’t rely on a patchwork of old tools that make maintaining security more challenging

Do make it easy for employees to get help when they have a security issue

Protect your Business from Cybercrime

MSnet was founded with a passion to assist businesses from the threat of Cybercrime.

Our Mission is to empower businesses with the knowledge, Training and Services required in safeguarding them from Cybercriminal activity.

If you would like more information, please reach out to our team on 01489 539700 or use the Contact Us button below.


Gone Phishing?


Phishing is the most common cybercrime and the most dangerous for your business. Some of today’s most devastating cyberattacks, including incidents like the Colonial Pipeline ransomware disaster in May 2021, started with a phishing email.

Employees may encounter phishing attempts daily if action isn’t taken to keep phishing messages out of your business.

An estimated 6 billion phishing emails were sent to businesses daily in 2020!

What is a Phishing Attack?

Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information or to deploy malicious software.

Phishing is the type of cyberattack employees see the most. Cybercriminals favour phishing because it has a low barrier to entry, it’s cheap and it’s effective. Phishing is an easy way for cybercriminals to obtain passwords, user data and other credentials, enabling them to undertake other cybercrime operations like business email compromise or to deploy ransomware.

An estimated 75% of organizations in the United States were hit by a phishing attack that resulted in a data breach in 2020.

 

How to spot a phishing attack?

Phishing can be tricky to spot, but these red flags should always give you pause as they’re common indicators that an e-mail is actually a phishing attempt. 

Subject Line

Is the subject line accurate? Subject lines that feature oddities like “Warning”, “Your funds have” or “Message is for a trusted” should set off alarm bells. If the subject or pre-header of the email contains spelling mistakes, usage errors, unexpected elements like emojis or other things that make it stand out from emails you regularly receive from the sender, it’s probably phishing. 

Greeting

If the greeting seems strange, be suspicious. Are the grammar, punctuation and spelling correct? Is the greeting in a different style than you usually see from this sender? Is it generic when it is usually personalised, or vice versa? Anomalies in the greeting are red flags that a message may not be legitimate.

Domain

Check the sender’s domain by looking at the email address of the sender. A message from a major corporation is going to come from that company’s usual, official domain. 

For example, if the message says it is from Sender@microsoftsecurity.com instead of Sender@microsoft.com, you should be wary.

Word Choices, Spelling & Grammar

This is a hallmark test for a phishing message and the easiest way to uncover an attack. If the message contains a bunch of spelling and usage errors, it’s definitely suspicious. Check for grammatical errors, data that doesn’t make sense, strange word choices and problems with capitalisation or punctuation. We all make the occasional spelling error, but a message riddled with them is probably phishing. 

Style

Does this look like other messages you’ve received from this sender? Fraudulent messages may have small variations in style from the purported sender’s usual email style. Beware of unusual fonts, colors that are just a little off, logos that are odd or formats that aren’t quite right. 

Links

Using malicious links to capture credentials or send victims to a web page that can be used to steal their personally identifiable information (PII) or financial information is a classic phishing scam. Hovering your mouse or finger over a link will usually enable you to see the path. If the link doesn’t look like it is going to a legitimate page, don’t click on it. If you have interacted with it, definitely don’t provide any information on the page that you’re directed to because it’s almost certainly phishing. 

Attachments

Never open or download an unexpected attachment, even if it looks like a normal Microsoft 365 (formerly Office) file. Almost 50% of malicious email attachments that were sent out in 2020 were Microsoft Office files. The most popular formats, the ones that employees regularly exchange every day (Word, PowerPoint and Excel), accounted for 38% of phishing attacks. Archived files, such as .zip and .jar, account for about 37% of malicious transmissions.

Origin

Is this someone or a company that you’ve dealt with before? Does the message claim to be from an important executive, politician or celebrity? A bank manager or tax agent you’ve never heard of? Be cautious about interacting with messages that seem too good to be true. Messages from government agencies should also be handled with care. Phishing practitioners love using fake government messages.
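The Domain, Links and Attachments checks above can also be run automatically over a raw message. The following is an added example, not MSnet's code: the function names, the `OFFICIAL_DOMAINS` table and both sample messages (including the `example.net` and `example.org` addresses) are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Assumption: the defender maintains the official sending domains per brand.
OFFICIAL_DOMAINS = {"microsoft": {"microsoft.com"}}
# File types the article names as common carriers (Office documents, archives).
REVIEW_EXTENSIONS = (".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".zip", ".jar")
URL_TEXT = re.compile(r"^(https?://)?([a-z0-9-]+\.)+[a-z]{2,}(/\S*)?$", re.I)


def host_of(value):
    """Lower-cased host of a URL, or of bare 'host/path' link text."""
    value = value.strip()
    if "://" not in value:
        value = "//" + value
    return (urlparse(value).hostname or "").lower()


def is_official(host, domains):
    """True for an official domain or a subdomain of one; a substring match is not enough."""
    return any(host == d or host.endswith("." + d) for d in domains)


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def review_message(raw_bytes):
    """Return (code, detail) red flags for one raw RFC 5322 message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    flags = []
    display, address = parseaddr(str(msg.get("From", "")))
    sender_host = address.rpartition("@")[2].lower()
    for brand, domains in OFFICIAL_DOMAINS.items():
        claims_brand = brand in display.lower() or brand in sender_host
        if claims_brand and not is_official(sender_host, domains):
            flags.append(("sender-domain", sender_host))
    for part in msg.walk():
        filename = (part.get_filename() or "").lower()
        if filename.endswith(REVIEW_EXTENSIONS):
            flags.append(("attachment", filename))
        if part.get_content_type() == "text/html" and not filename:
            collector = LinkCollector()
            collector.feed(part.get_content())
            for href, text in collector.links:
                # What the reader sees differs from where the link really goes.
                if URL_TEXT.match(text) and host_of(text) != host_of(href):
                    flags.append(("link-mismatch", host_of(href)))
    return flags


def build_sample(sender, href, text, attachment=None):
    """Constructed test message; every value in it is made up for the demo."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, "user@example.org", "Account notice"
    msg.set_content("Please review your account.")
    msg.add_alternative(f'<p><a href="{href}">{text}</a></p>', subtype="html")
    if attachment:
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg.as_bytes()


SUSPICIOUS = build_sample("Microsoft Security <Sender@microsoftsecurity.com>",
                          "http://login.microsoft.com.example.net/reset",
                          "https://login.microsoft.com/reset", "invoice.zip")
LEGITIMATE = build_sample("Microsoft <Sender@microsoft.com>",
                          "https://account.microsoft.com/", "account.microsoft.com")

if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("legitimate", LEGITIMATE)):
        print(name, review_message(raw))
```

A flag here means "route for human review", not "confirmed phishing": an expected spreadsheet from a known supplier would also raise the attachment flag.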

How Can I Protect My Business from Phishing Attacks?

Cybersecurity requires a multi-layered approach to fully protect your business.

Protecting your employees from phishing equally requires a number of different layers of protection.

  1. The first should be training! Security awareness training prepares employees to recognise the threat of cybercrime and how to avoid the dangers.
  2. The second is simulated phishing e-mails. Test phishing e-mails are sent to employees to allow them to review and fine-tune their new knowledge.
  3. Lastly, an integrated threat protection service to filter out dangerous e-mails and files before they reach employees in the first place.

 


SME Data Breaches

SME Data Breaches in 2021


A data breach is a nightmare for any company, and it’s one that more businesses in more industries are having to face today. About 85% of IT professionals foresee a data breach at their business in the next 12 months.

Cybercriminals are hungry for data that they can sell in the booming dark web data markets for a hefty profit, spawning an unprecedented increase in data-focused cybercrime that’s rocking businesses of every size and it isn’t going to stop anytime soon!

Top 10 SME Data Breach Statistics from 2021

  1. The number of recorded data breaches in 2021 has exceeded the total number of events in 2020 by 17%, with 1,291 breaches in 2021 compared to 1,108 breaches in 2020
  2. More than 60% of breaches result from misused, stolen or purchased credentials
  3. An estimated 85% of data breaches involve a human element.
  4. Phishing is the top threat action that results in a breach
  5. The number of breaches that involve ransomware has doubled
  6. 34% of data breaches involve internal actors
  7. Over 80% of breaches are discovered by external parties.
  8. An estimated 36% of businesses worldwide had a cloud data breach in the past 12 months
  9. 74% of businesses in the United States have fallen victim to a successful phishing attack that resulted in a data breach in the last 12 months
  10. The US is the leader in phishing-related data breaches for 2021 so far, with rates 30% higher than the global average, and 14% higher than the same period in 2020.

The Cost of a Data Breach

In this year’s IBM Cost of a Data Breach Report, researchers determined that the average cost of a breach in 2021 is estimated at £3.1 million per incident, the highest ever recorded in the 17 years of the study.

The cost of a data breach can change significantly depending upon the initial attack vectors including the top three most common: compromised credentials (20% of breaches), phishing (17%) and cloud misconfigurations (15%).

The cost of a breach can be impacted by the type of data stolen or leaked, like customer personally identifiable information (PII) – the most frequently breached and the most expensive at £125 per record.

The top country in the world for data breach costs in 2021 (so far) is the US with an average cost of $9.05 million.

Thanks to the hot market for COVID-19 data in 2020, medical data is in second place as the most desirable data to snatch, and healthcare at £6.8 million is the industry with the most expensive data breach costs.

Businesses that operate with 50% remote workers took an average of 316 days to identify and contain a data breach compared to the overall average of 287 days.

Companies supporting a remote or hybrid workforce experienced an increase of up to £750,000 more when a data breach occurred, with the highest rates of £3.5 million in comparison to £2.8 million.

Cloud Data Breaches

The Verizon report “The State of Cloud Security 2021” asked IT professionals about the circumstances that influence a company’s chance of a possible cloud data breach, and these were the factors that they pointed to:

32% say too many APIs and interfaces to govern

31% cite lack of adequate controls and database oversight

27% point to lack of policy awareness around data security

23% blamed old-fashioned negligence

21% said they are not checking Infrastructure as Code (IaC) prior to deployment

20% admitted outright that human factors were at fault

Booming Dark Web Data Markets Drive Data Theft

Most Prevalent Types of Data Stolen in Breaches: 

Credentials: 60%  

Personally Identifying Data (PII): 40%  

Medical Data: 10%  

Bank Data: 10%  

Internal Data: 10%  

Payment Data: 10% 

Is Your Business Protecting Its Valuable Data?

Cybersecurity requires a multi-layered approach to fully protect your business.

Protecting your business data is a critical priority for any business, not only from a regulatory stance (e.g. GDPR, PCI-DSS) but also in protecting your customers and employees.


Password Danger

Password Danger is Escalating


The struggle to get users to make good, strong, unique passwords and actually keep them secret is real!

It can be hard to demonstrate to users just how dangerous their bad password decisions can be to the entire business, even though an estimated 60% of data breaches involved the improper use of credentials in 2020.

There’s no rhyme or reason to why employees create and handle passwords unsafely. Employees at every level are unfortunately drawn to making bad passwords and playing fast and loose with them – and that predilection doesn’t look like it’s going away anytime soon.

Managing Too Many Passwords?

The average adult has an estimated 100 passwords floating around that they’re using. That’s a bewildering tangle of passwords to manage. About 300 billion passwords are currently in use by humans and machines worldwide. The global pandemic helped put even more passwords into circulation as people on stay-at-home orders created an abundance of new online accounts. According to the conclusions of a global study conducted by Morning Consult for IBM, people worldwide created an average of 15 new online accounts per person during the main thrust of the pandemic.

Many of those logins were compromised from the start thanks to abundant dark web data. An estimated 15 billion unique logins are circulating on the dark web right now. In 2020 alone, businesses had to contend with a 429% increase in the number of business login details with plaintext passwords exposed on the dark web. That dramatic increase in risk per user comes back to haunt a business.

The average business is now likely to have about 17 sets of login details available on the dark web for cybercriminals to enjoy and that number is only going to continue to grow thanks to events like this year’s giant influx of fresh passwords from the RockYou 2021 leak!

Bad Passwords

Research by the UK’s National Cyber Security Centre (NCSC) shows that employees will choose memorability over security when making a password. Their analysts found that 15% of people have used their pet’s name as their password at some point, 14% have used the name of a family member, 13% have used a significant date, such as a birthday or anniversary and another 6% have used information about their favourite sports team as their password.

That makes cybercriminals’ jobs easy even if they’re trying to directly crack a single password. After all, those users have probably told them everything that they’d need to know to do the job in their social media profiles.

Password Sharing Is Rampant

Worse yet, employees are sharing their passwords with other people at an alarming rate, even if the people they’re sharing a password with don’t work at the same company. Over 30% of respondents in a Microsoft study admitted that their business had experienced a cybersecurity incident as a result of compromised user credentials that had been shared with people externally.

43% of survey respondents have shared their password with someone in their home
22% of employees surveyed have shared their email password for a streaming site
17% of employees surveyed have shared their email password for a social media platform
17% of employees surveyed have shared their email password for an online shopping account

Top Password fails

Analysis of the top 250 passwords found on the dark web showed that the top categories for the weakest passwords in 2020 were:

Weakest Password Categories in 2020

  1. Family Names (e.g. Maggie)
  2. Sports Teams (e.g. Arsenal)
  3. Favourite Food (e.g. Cookie)
  4. Place Names (e.g. London)
  5. Names of Pets (e.g. Rocky)
  6. Famous People/Characters (e.g. Tigger)

Top 20 Most Common Passwords found on The Dark Web in 2020

  1. 123456
  2. password
  3. 12345678
  4. 12341234
  5. 1asdasdasdasd
  6. Qwerty123
  7. Password1
  8. 123456789
  9. Qwerty1
  10. :12345678secret
  11. Abc123
  12. 111111
  13. stratfor
  14. lemonfish
  15. sunshine
  16. 123123123
  17. 1234567890
  18. Password123
  19. 123123
  20. 1234567
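The list above, the weak categories and the habit of changing only one letter or digit (described in the password tips earlier on this page) can be turned into a check that runs when a user sets a new password. This is an added example, not MSnet's code: the function names, the reason codes and the sample cases are assumptions, and `current` is the password the user has just typed into the change form, since stored hashes cannot be compared this way.

```python
import string

# The article's "Top 20 Most Common Passwords" list, lower-cased for comparison.
COMMON = {
    "123456", "password", "12345678", "12341234", "1asdasdasdasd",
    "qwerty123", "password1", "123456789", "qwerty1", ":12345678secret",
    "abc123", "111111", "stratfor", "lemonfish", "sunshine",
    "123123123", "1234567890", "password123", "123123", "1234567",
}
TRAILING = string.digits + string.punctuation


def within_one_edit(a, b):
    """True when a and b differ by at most one inserted, deleted or changed character."""
    if abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = j = edits = 0
    while i < len(a) and j < len(b):
        if a[i] == b[j]:
            i += 1
            j += 1
            continue
        edits += 1
        if edits > 1:
            return False
        if len(a) == len(b):
            i += 1          # substitution: step over both characters
        j += 1              # insertion in b: step over the extra character only
    return edits + (len(b) - j) <= 1


def check_new_password(candidate, current="", personal_tokens=()):
    """Return the reasons to reject a candidate; an empty list means accepted.

    personal_tokens: names, pets, teams and dates known for this user
    (assumption: collected from the HR record or supplied by the user).
    """
    reasons = []
    lowered = candidate.lower()
    # "Sunshine2021!" is still "sunshine" once the decoration is stripped.
    core = lowered.rstrip(TRAILING)
    if lowered in COMMON or core in COMMON:
        reasons.append("common")
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_tokens):
        reasons.append("personal")
    if current and within_one_edit(lowered, current.lower()):
        reasons.append("near-reuse")
    return reasons


# Constructed sample cases: (candidate, current password, personal tokens).
CASES = [
    ("Qwerty123", "", ()),
    ("Sunshine2021!", "", ()),
    ("Maggie#1987", "", ("Maggie", "Arsenal")),
    ("Tr1cky-Harbor-92x", "Tr1cky-Harbor-91x", ()),
    ("plum-Vessel-quartz-41", "Tr1cky-Harbor-91x", ("Maggie", "Arsenal")),
]

if __name__ == "__main__":
    for candidate, current, tokens in CASES:
        print(candidate, check_new_password(candidate, current, tokens) or "accepted")
```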

Stolen Passwords on the Dark Web

Credentials were the top type of information stolen in data breaches worldwide in 2020, (personal information took second place just over financial data in third), and Cybercriminals didn’t hesitate to grab batches of credentials from all over the world. Cybercriminals snatched them up in about 70% of EMEA breaches, 90% of APAC region breaches and 60% of North American breaches. Researchers disclosed that the average company experiences 5.3 credential compromises that originate from a common source like phishing every year, a number that should give every business owner chills.

An abundance of records on the dark web has spawned an abundance of passwords for cybercriminals to harvest, and that’s bad news. Giant password dumps on the dark web like the 100GB text file dubbed RockYou2021 have ratcheted up risk too. That giant dump of data is estimated to contain 8.4 billion passwords. Cybercriminals make use of that bounty quickly and effectively.

In the aftermath of an enormous 2020 hack, ShinyHunters breached the security of ten companies in the Asian region and brought more than 73 million user records to market on the dark web. A group like ShinyHunters will of course try to profit by selling that stolen data at first, but when the data has aged or there are no interested buyers, cybercriminals will just offload it in the vast data dumps of the dark web making it available for anyone to sift through.

Protect your Business from Password Danger

Password shenanigans can put any business at risk of a devastating and expensive cyberattack, but protecting your business from password-related danger isn’t hard to do or expensive.

Protecting your business from password dangers requires a multi-layered approach, incorporating both training and technology.

Training will educate your employees about the dangers of cybercrime, how to recognise the threat and how to avoid it.

Technology and policy ensure that a correct framework is in place to remove the complications around employee passwords, with a robust and centralised credential management system protecting your business.


The Money Behind Malware

It’s important to understand the motivation behind the onslaught of malicious code bombarding our firewalls, users, and servers.

We see hundreds of thousands of malicious files every single day and these files aren’t from the world of governments and spies to spark the next cyber war. It’s about money.

We can prepare for this onslaught. But to do so, we need to know how it works.

The tools at their disposal

Cybercriminals have a lot of options to make money. Fortunately, there are a lot of steps to get there, and every step a cybercriminal has to take is a point where we can stop them.

They begin by finding victims. And oh, do they have options for catching unwitting victims. Cybercriminals ensnare victims in a number of ways, including:

  • Spam: The classic. Spam, where it all began, has dropped in volume as defensive options have become better and users more aware, but we still see billions of messages every day – there’s always a chance you’ll click through.
  • Phishing: While spam promotes products and services, phishing is a more nefarious email attack that pretends to be a trusted source like your bank to gain access to your personal information.
  • Social media: Users spend countless hours on Facebook and other social media sites, and cybercriminals are using that to their advantage. Messages using similar tactics to trick users into clicking unsafe links are common in social media.
  • Blackhat SEO: Manipulating search engine results, often called Blackhat SEO or SEO poisoning, continues to be a problem. “Poisoned” search results can lead to exploits, malware, and phishing sites.
  • Drive-by downloads: It’s possible to have your operating system, browser, plugins, and applications exposed to exploits looking for vulnerabilities just by visiting an unsafe website. We see tens of thousands of new URLs every day containing drive-by downloads.
  • Malware: Worms, viruses, and other malware files still serve their masters well. While less common now, opportunistic crooks still exploit malware to infect exposed systems and recruit people’s computing devices for their own purposes.

Money behind the malware

So the cybercriminal has access to your information or computer. What do they do with it, and how do they make money off it?

  • Ransomware: Ransomware has been making more and more headlines in recent months and is considered the number one threat to users right now. A type of malicious software which can block access to your computer, files, or servers until the user or company pays a fee to the cybercriminal, this is a threat that has trapped not just regular end users but multinational corporations, healthcare systems, and more. Ransomware originally came out almost exclusively from Russia, but it’s grown to plague the internet from all over the world.
  • Selling products: This is an older scam, but criminals still set up a store offering great bargains on products, often to simply steal payment information. Others actually do send sham products to unwitting consumers.
  • Stealing login details: The purpose of phishing spam messages is to convince you they come from someone you know or trust. Criminals use social engineering techniques borrowed from real brands to collect usernames and passwords associated with high-value websites like PayPal, banks, Facebook, Twitter, Yahoo and web-based email services. Phishing emails take advantage of a user’s lack of awareness of hacking attacks and data breaches.
  • Pay-per-click fraud: After compromising a user’s computer, the criminals can download malware that manipulates Internet traffic. They divert the victim’s clicks to advertisements located on the criminals’ webpages. The criminals make money from ad networks by generating traffic to their customers’ ads.
  • Fake security software: This is an older threat as well, but one users still fall victim to. The user visits a compromised site and is convinced they need to download (and pay for) a (fake) antivirus. Not only do scammers get these users to pay for the original install, they can often convince them to buy extended support and more.
  • Social media spam: It hasn’t gotten easier for spammers. Spam filters get more and more effective with time, and users more savvy about spotting fake names. Criminals have, instead, moved on to abusing social media, where they make use of users’ social circles to spread fraudulent sites—users are far more likely to click through a link if it comes from a friend or family member.
  • Banking malware: Cybercriminals follow the money. There’s an entire industry based on capturing authentication information to access online financial institutions. It’s moved far beyond simple key-logging software to capture usernames and passwords; modern banking Trojans can capture SMS messages and record videos of your screen while you log in. Hundreds of millions of dollars are stolen in this manner.
  • Premium-rate SMS fraud: Instead of attacking your bank account directly, they go after you through social media, asking for your phone number when you fill out a survey—which just entered you into a premium-rate SMS service. These services also tag along with pirated apps on your phone sending SMS messages to premium rate numbers at your expense.

Specialized scammers

With so many tools at their disposal to launch an attack or scam, cybercriminals tend to specialize, so that they’re better prepared to evade our defences and avoid law enforcement. Let’s take a look at some of their roles.

  • Exploit writers specialize in discovering vulnerabilities in software and creating exploit packs—a collection of vulnerabilities packaged together. The exploit writers then sell the exploit pack to less technical criminals, who use it on websites and in email attachments to embed malware on vulnerable computers.
  • Translators are exactly that—they rework the language in spam or social engineering attacks to improve their effectiveness. Poor grammar or spelling in the user’s native language is usually a good indicator of an untrustworthy message, so the better the writing, the more likely the victim.
  • Bot herders infect all of the zombie computers that are used for creating a botnet, which the criminals use for spamming, DDoS attacks, proxying and other cloud computing needs of the criminal underground. Bot herders segregate and sell or lease computers based on geography and type of bot needed by the purchaser.
  • Money mules and mule managers fill an important role in the cybercrime ecosystem: someone needs to walk into banks and transfer funds. Mules assist with the movement of money, and mule managers recruit them, oftentimes through work-from-home scams.
  • Partnyo’rka loosely translates to “partner network” in English. Like legitimate networks, they work to spread the word about—and pay commissions for sales of—scam products.
  • Tool providers write tools to aid in spreading spam and malware, like exploits, toolkits, and more. There’s nothing illegal about writing software, but there is an entire industry based on creating tools for cybercriminals to purchase.
  • Malware writers are exactly that—they’re writing malware for sale to organized cybercriminal operations, rather than distributing their wares directly.

How we win

As long as there is money to be made, criminals will continue to take advantage of opportunities to pick our pockets. While the battle with cybercriminals can seem daunting, it’s a fight we can win. We only need to break one link in their chain to stop them dead in their tracks.

Some tips for success:

  • Deploy patches quickly
  • Eliminate unnecessary applications
  • Run as a non-privileged user
  • Increase employee awareness
  • Recognize our weak points
  • Reduce the threat surface

All of this can make the job so difficult for the scammers that they will look elsewhere for their victims.