Pages

Wednesday, June 11, 2025

Cyberspace Just Got More Dangerous! Learn To Be A Survivor When You Go Online

Ross Ulbrecht keeps resurfacing to warn us about the dangers we face in cyberspace. He was the man who created the Amazon of crime with everything a criminal could want for sale. When he was apprehended and found guilty, a US District Court judge in New York City tried to "put the fear of God" into others who might try to pen up such an enterprise. She sentenced Ross to two consecutive life sentences plus 40 years to be served after the life sentences. (If a serial killer avoided the death penalty, this is the kind of sentence the murderer would receive.) It failed to deter others from such activities. A second Amazon of crime appeared. Authorities took it down in 2017. The man who runs the messaging platform Telegram is now under arrest and awaiting trial in France for "turning a blind eye" while criminals used his platform to conduct all the criminal activities that were conducted on the Silk Road website run by Ross. The Economist magazine has an excellent article that I want to share with you about the frightening evolution of criminals using cyberspace to do their bad deeds. Before I give you the article, I want to give you a quick survival course on how to protect yourself when you're online as follows: 1) Never click on a link unless you are very sure of the person sending you the link. 2) Be alert to phishing. You might get an email that looks very official from a company like Amazon, American Express, Visa, A.T. and T, United Airlines, etc, or a government agency like the US IRS or the Social Security Administration, etc. You will be asked to click on a link or reveal personal information. 3) Have a security service like Identity Guard, American Express, a service from a credit bureau, etc. You will be warned if there is any sort of suspicious activity. 4) Do not trust anyone whom you meet online. Even if you have Zoom meetings with this person, be wary until you meet this person face-to-face and spend time with them. 5) Do not have all your financial activities concentrated at one financial institution. Spread out your money among several different financial institutions. In that way, if one financial institution is shut down with a ransomware attack, you will not be caught without money. Here is the article: The Uber of the underworld Amateur crooks are using plug-and-play hacking kits Illustration: Ben Jones May 29th 2025|SINGAPORE SaveShare Give Listen to this story EVERYTHING’S POSSIBLE at Harrods, proclaims the website of Britain’s glitziest department store. Alas, on May 1st, this universe of possibilities included an attempted cyber-attack that forced the company to restrict internet access at its sites, it said. The attempted intrusion came just days after hackers took down computer systems at Marks & Spencer (M&S), a supermarket and clothing retailer which says the disruptions will cost it some £300m ($405m). These breaches, which also hit the Co-op supermarket chain, were more than just costly cyberattacks. They are worrying examples of how crime is evolving beyond simple street thuggery, or even the work of small groups of clever hackers, into a global service economy where anyone with cryptocurrency can buy the tools to paralyse a multinational corporation. One of the chief suspects in the attacks on Britain’s high street is the hacker collective Scattered Spider, according to Britain’s National Crime Agency, which investigates serious and organised crime. Scattered Spider is not a traditional, hierarchical mafia. Instead, it is a fluid network of young hackers who may never meet in person, yet can co-ordinate devastating attacks across continents. They are thought to have used DragonForce, a ransomware-as-a-service platform that gives criminals the software to carry out attacks in which they encrypt the victim’s data or otherwise block their access to computer systems until a ransom is paid. Just as Uber upended the taxi industry and Airbnb reshaped the hotel business, the criminal underworld is undergoing its own digital revolution. Criminals who might once have committed crimes themselves are now becoming service providers in a vast underground marketplace. This new service model “is evolving at a rate that we’ve never previously seen”, says John Wojcik of the United Nations Office on Drugs and Crime (UNODC). The exact cost of cybercrime cannot be known, since much of it happens in the shadows, and victims of ransomware attacks may be reluctant to report the crimes. Sometimes this is out of fear that doing so will harm their reputation among customers or that it could result in them being fined under data-protection laws. Nevertheless, the scale is staggering, with billions, possibly trillions, of dollars in economic costs each year. The low end of the range comes from tallies of reported crimes by law enforcement agencies. The FBI said it received reports of direct losses of $16.6bn in 2024, a 33% increase over 2023. Adding in unreported losses and wider economic costs leads to bigger numbers. Britain puts its current annual losses at more than £27bn (based on old data). The European Commission reckons that the worldwide costs of cybercrime were €5.5trn ($6.5trn) in 2021. Though estimates of the full cost differ, almost all studies suggest that cybercrime is booming. One reason is the emergence of DragonForce and other similar providers of plug-and-play hacking kits, which give even unskilled criminals the ability to launch ransomware attacks. This dramatically lowers the barriers for newcomers, who no longer have to write their own malicious malware. Moreover, a wider ecosystem of criminal services is developing. This allows hackers to buy, rather than steal, the personal data they need to identify potential victims or to work out how to launder ransom payments. Many of these services are accessed through online forums or messaging apps, such as Telegram, and are often paid for with cryptocurrency. Hackers who develop ransomware use a variety of business models, from selling the basic code, which sometimes costs as little as $2,000, to ransomware-as-a-service. Under the service model, a client (or affiliate) gets access to a web portal that lets them customise the ransomware. Some groups also provide a communications portal, through which their clients can negotiate anonymously with their victims. In exchange for these services, they take a share of the profits. Market forces and competition have pushed these down to around 10-20% from around 30-40% a few years ago. Keeping secrets This new modular model is not easily thwarted by law enforcement officials. When cybercrime operates through countless providers, shutting down one node barely dents the system. In 2023, Scattered Spider attacked Caesars Entertainment and MGM Resorts International, two American casino operators, yet the FBI struggled to dismantle the network. Criminal business models are also evolving. DragonForce uses a double extortion method. The service both steals a copy of its victim’s data and also encrypts it on the victim’s computer system. Thus, it can demand two separate ransoms: one to unscramble the data and another to delete the stolen copy. Firms that refuse to pay face the threat that their data will be leaked to other cyber-criminals. The targeting of large retailers such as M&S, Co-op, and Harrods is not random: these sorts of firms house troves of customer data. After Scattered Spider attacked the British retailers, Google warned on May 21st that the group is turning its attention to American retailers. The sorts of personal information big retailers hold—names, email addresses, credit-card details, shopping habits, even browsing histories that reveal personal interests—are the backbone of modern retailing. These data are among cybercrime’s most valuable commodities. With this information, criminals can craft more convincing phishing attacks (emails that impersonate legitimate companies in order to trick people into divulging passwords or financial information), launch targeted malware attacks, and commit fraud. Underground markets, hosted on messaging apps or on the dark web, now serve as trading hubs where vendors sell stolen credit-card details, bank records, and other confidential data. Beyond hacking large retailers, criminals who specialise in stealing and selling data also target banks, investment firms, and other financial companies for information about wealthy clients and other profitable targets. Increasingly, criminals use information-stealing malware, often distributed through phishing emails or malicious ads, that infects computers and smartphones. This malware harvests browsing history, saved passwords (including from internet banking), chat logs, cryptocurrency-wallet details and other personal content. Among these password-stealers are RedLine Infostealer, which has been used to infiltrate major corporations, and META Infostealer (not to be confused with the company that runs Facebook). They are distributed through a decentralised malware-as-a-service model in which cybercriminals either buy a lifetime licence for $900 or subscribe to use it for $150 a month, according to a criminal complaint filed by America’s Department of Justice before a court in Texas in 2022. One cybersecurity expert now reckons that the cost of a lifetime licence has increased to $10,000. Illustration: Ben Jones Adding fuel to the fire is artificial intelligence (AI), which has already transformed two common types of cybercrime: producing malware and conducting phishing attacks. In the past, gangs would have needed experts with advanced coding skills to write malware or to tailor it to specific targets, tasks that are easily done by generative AI. “What might have previously taken an advanced criminal group weeks to figure out is now available to any criminal in minutes,” says Jeff Sims of Infoblox, a security firm. AI also allows criminals to produce convincing, well-written phishing messages (often in languages that are not their own). These are more likely to succeed in deceiving victims, especially when combined with stolen data. Crime syndicates, for example, Chinese groups operating out of South-East Asia, are using AI to translate scripts for romance scams, fake job offers or fraudulent investments, letting them target victims around the world. Paying the bounty Law-enforcement agencies have tended to focus on trying to shut down or disrupt the providers of ransomware. In late May, an operation by European and North American agencies dismantled an extensive network and issued arrest warrants for 20 people. Yet the continued growth in this sort of crime suggests that enforcement is failing, leading to more draconian proposals. Britain plans to outlaw payment of ransoms by public-sector bodies and operators of critical infrastructure, hoping this will make them less attractive as targets. Those not subject to this ban would still have to report ransomware attacks to the authorities, which would allow law enforcement officials to block ransom payments. Yet legal experts fret this will not stop cyberattacks (since hackers may still get customer data that they can sell) nor protect companies, which could collapse if they cannot regain control of their data. If nothing else, the dilemma over how to deter the new breed of cybercriminals highlights how one of the world’s fastest-growing criminal threats comes not from armed gangsters, but from geeks writing and selling code in the burgeoning underworld of the criminal gig economy. ■ Explore more WorldInternational

No comments: