NED Cyber Security Report Part 1: Beware the IoT (Internet of Thieves)

Feb. 9, 2016
This exclusive series examines what you should know about cyber security in 2016, from the threats to defenses. Today we introduce the greasy cybercriminal syndicate that operates like a well-oiled machine.

There is a new industry so robust that it’s estimated to be worth anywhere from $400 billion to $1 trillion. Disruptive and innovative, it has the power to reach every government, business, and person on the planet. It’s so pervasive that you may even be working with one of these “businesses” right now, without even knowing it.

All you had to do was click the wrong email and you just became an unwitting accomplice of the cancerous cybercrime industry, the Internet of Thieves

Cybercrime was once akin to the Internet boogeyman, an invisible threat to scare the computer illiterate. The criminals themselves, often euphemistically dubbed hackers, were hoodie-wearing malcontents—anti-social teens wreaking havoc from a dank basement littered with Dorito crumbs and misplaced hormonal rage.

Even predating the proliferation of the Internet, Hollywood fashioned hackers into curious savants who may accidentally initiate a thermonuclear war, as in “WarGames,” or maligned IT types cast out from their “Office Space” seeking revenge via penny-pinching malware.

In reality, the so-called hackers making and implementing the latest in malware and ransomware aren’t lone wolves; they’re highly organized and run their operations in a way that would make Henry Ford proud.

“There are manufacturing facilities to produce malware,” says Scott Harrell, vice president of product management for Cisco’s Security Business Group. “People are doing this for a living and they have a whole supply chain. And their whole goal is to evade your defenses.”

On the plus side, these ghosts in the machine have one major flaw.

“They’re still human,” Harrell reassures. “They’re not insurmountable by any stretch of the imagination.”

Every day, though, the ranks of this loose confederation get bigger.

In Russia alone, it’s believed that 20,000 people have logged on to scam, steal and extort through cybercrime. Software security group Kaspersky Lab believes that since 2012, a single group of 20 Russian hackers siphoned $1 billion from global accounts.

The FBI has offered a $4.2 million reward, for what it calls "one of the world's worst," Evgeniy Mikhailovich Bogachev, who is also one of the best.

Wanted for racketeering and bank fraud, along with a litany of other offenses, the 32-year-old Bogachev is credited with creating Gameover Zeus, malware responsible for pilfering more than $100 million through a Distributed Denial of Service, or DDoS, attack.

This type of attack overloads a system, such as a bank website, via hundreds to thousands of computers, crashing or disabling the network. He also allegedly created a ransomware program called CryptoLocker.

An international alliance brought down the malware in 2014, but Bogachev remains on the loose. He was last seen in Anapa, Russia, a picturesque town on the Black Sea coast.

The FBI placed a $4.2 million reward for info on this cybercriminal.

Interpol says that college graduates in Eastern Europe can earn 10 times more working for organized crime than for legitimate companies. The potential for a better life has lured the best and brightest minds of the former Eastern Bloc, as the Manhattan Project and Operation Paper Clip did in the 1940s.

So that’s the opposition? A highly trained, highly ambitious army of disenfranchised computer geniuses who face little to no risk to make millions off of faceless marks. Their parent’s generation tore down the Berlin Wall; they want to tear down your firewall.

Pointing the finger at our former communist enemies is a compelling narrative, but kind of cliché. As it turns out, it’s also not 100% accurate, Harrell says.

“There’s a quick desire to attribute these attacks from the Ukraine or Russia, but we’ve seen attacks come from all over the globe,” says Harrell, noting that properly attributing attacks geographically is a difficult proposition.

“Certain elements of an attack could be outsourced, but it could still be a plan or plot from inside the U.S.”

Several of Cisco’s top security experts echoed the same thing: Attacks can come from anywhere, and they can infiltrate anyone, just like anyone can break into your house. Having the proper employee training and network policies in place goes a long way in making sure these criminals leave empty-handed. (Part 2 talks about those defenses.)

“You need to assume that even if you have the best defenses in the world, sometimes people are going to succeed,” Harrell says. “Do you have systems that are meant to handle that?”

Keep reading our special series on cyber security with Part 2: Defending Your Digital Castle