Malware on subscription? Sadly, it’s become a thing and Australian businesses which don’t have strong security measures in place may find themselves in the sights of many more hackers and cybercriminals.
Along with the rise of mobile computing, the emergence of cloud-based software-as-a-service, which sees third-party providers hosting applications and making them available to customers over the internet, has been one of the ICT industry’s seminal trends this decade.
The model is a simple, economical and flexible one which appeals to organisations of all shapes and sizes.
So much so that entrepreneurial fraudsters have co-opted it for their own purposes. They’re pushing out an array of “malware-as-a-service” products which can be customised and launched by anyone with a modicum of technical expertise. This means aspiring hackers and cyber-criminals no longer need Kevin Mitnick-level skills to defraud and disrupt businesses; they can do so with off-the-shelf programs and tools.
Would-be social engineers might choose a phishing kit, a bundle of website resources and tools that can be installed on a server. Add in some email addresses – either BYO or acquired via the dark web – and they’re set to start trawling for victims.
Aspiring “bad actors” who prefer things a little more dramatic may opt for a ransomware distribution kit. Some allow fraudsters to create their own customised version of a given ransomware, available for use on a profit-sharing basis. Get a victim to pony up and it’s 70 per cent for the attacker and 30 per cent for the developer who wrote the code.
Distributed denial of service (DDoS) attack tools are also on the market for a modest price. A DDoS attack forces a targeted system to shut down by flooding its bandwidth with traffic. Such attacks were once the province of hardcore hackers, but readily available booter and stresser services can make bringing a company’s online operations to a grinding halt an achievable proposition for relative amateurs.
Many have taken advantage of the opportunity. One of the most active services for launching DDoS attacks, Webstresser.org, was taken down in April 2018. At that time, it had more than 136,000 registered users, who were thought to have contributed to millions of attacks over the preceding three years.
With cheap and effective tools available at the click of a mouse, it’s no surprise businesses and organisations have, in recent times, felt themselves under siege from an unseen army of cyber-fraudsters. Compromised websites, DDoS attacks, crypto-mining software and malware of all descriptions can represent an anxiety-inducing minefield for organisations which lack the expertise or resources to identify and implement commensurate protection measures.
In the face of an expanding onslaught of advanced, evasive cyber-threats, keeping the enemy at bay using traditional tools and technologies is an ambitious and unrealistic proposition.
An approach which augments traditional human responses – providing signatures, putting trustworthy entities on a ‘white list’, blacklisting their untrustworthy counterparts and the like – with the immense capabilities of artificial intelligence may well hold an answer.
Machines and algorithms bring automation, faster response times, reduced error rates and pre-execution capabilities to the table. They can process and analyse vast amounts of relevant data at speed and scale up quickly during times of peak demand. Coupled with the power of human insight, which can be employed to confirm suspicious patterns of activity and identify false positives, they can be used to form a defence against the wave of ‘Malicious everything as a service’ now menacing businesses and organisations.
Sylvain Lejeune, Vice President Asia Pacific and Japan, WatchGuard Technologies