Cyber crime and malicious attacks over the Internet are only going to increase in the coming years. As more confidential information gets transported over the Internet every day, hackers are looking for new ways to exploit that information for either personal or monetary benefits. To demonstrate this, we will examine cybersecurity trends that will only increase in the years ahead.
The first trend we will examine is that the underground marketplaces on the deep web will continue to evolve, regardless of police crackdowns, within the next few years. A perfect example of this is cyber criminals creating drug marketplaces for users to buy illegal substances using the anonymous Bitcoin Internet currency. The most famous of these is the Silk Road, which was finally located and terminated with the creator in jail. Following this site termination, cyber criminals quickly created a new version of that site. Still, the marketplace was rebooted for the third time as Silk Road 3 Reloaded. However, this is not the only type of underground marketplace service available. Many of them are now offering cyber crime as a service (CaaS).
CaaS is a booming marketplace in terms of the future of Internet security. Many of these marketplaces can show users how to create and spread their own malware or worms. One of these services is called Citadel. This service shows users how to create malicious malware and manage bots that have been infected. Figure 21.1 shows the Citadel toolkit.
While the Citadel toolkit is scary in terms of the future of information security, there are also a number of underground services that will gain in popularity in the future. These services include Mobile Hacking Service Assistant, Facebook Hacking Assistant, and even assassination services. While underground marketplaces will continue to grow, there is a specific sector of cyber attacks that has rapidly been increasing: mobile exploitations.
Mobile exploitations have been on the rise since the emergence of smartphones within our everyday lives. In fact, as we rely on our smartphone applications to perform activities such as banking, we are opening ourselves up to vulnerabilities. In fact, in 2011 alone, 1000 android malware samples were detected. Also, the increasing rate of malicious applications within the Android store has increased since the development of DroidDream. One area of mobile exploitation that will be on the rise is the exploitation of man-in-the-middle mobile browser attacks. These attacks will increase as the smartphone’s computing power increases and users become more eager to do banking on their smartphones. A breakdown of mobile threats that are of importance for the future of mobile computing is shown in Figure 21.2.
Figure 21.1 Citadel spyware system browser.
Figure 21.2 Types of mobile threats.
As one can see, cyber security is a topic that will be absolutely critical as more business becomes automated and digital in the future. Hackers and malicious coders will not stop with the plethora of options that there will be to choose from.
Cyber warfare is a reality that most information technology leaders manage daily. Companies, groups, and individuals are all affected. Most surprisingly, this information goes for a relatively low price once it is pieced out into identities, credit cards, and social security numbers. Beyond this packaged information, actual hack-based services are also available for hire, coordinated through the dark web. The universal currencies are typically untraceable or hard to trace payments, meaning that Bitcoin and Greendot disposable credit cards are primary payment methods. What makes a cyber attack an act of war is the type of entity being attacked and the reason that they are being attacked. When a government-sponsored hacking entity from China attacks a firm based in the United States, this is an act of cyber warfare. A strategy of war is to disable or hurt an opposing country’s economy. Prior to digital tools, damaging infrastructure and restricting access to resources would primarily achieve this effect. In the technical age, these same effects can be produced by stealing large sums of information from corporations and liquidating the stolen assets in money.
Just as inexperienced soldiers are often given damaging weapons without understanding their use, many hackers have access to freely available tools that simplify the act of performing an attack. The landscape these hackers have available to them is changing, increasingly in their favor. Prior to mobile computing, botnets with fixed locations to initiate denial-of-service attacks had a relatively limited capability, which was further diminished by the techniques of bringing the botnets on and off the network repeatedly to avoid detection. With the innovations available with smartphones and other mobile devices, and their ability to access the Internet from a changing location, their susceptibility for detection is significantly diminished. With the innovations in smartphone devices, hackers can now access always-on, highly sensitive computing devices for their disposal. Figure 21.3 displays the mobile device market shares, along with their operating system adoption rates.
The most challenging aspect of the Android platform is influencing its user base to upgrade to the latest operating system. The latest operating system usually includes a variety of bug and security fixes among the improved feature sets. This makes the platform, when viewed as a whole, much more insecure in comparison to Apple’s iOS. Another example is with banking phishing software, for which some advanced toolkits have been released. Once banks recognized their customers were falsely going to web portals that simulated their own, they began using uniquely identifiable pictures as a form of capcha to allow their users to know they were at the correct address. However, the user will always be the weakest link in security.
With a variety of methods now available for using information for personal gain, information itself is becoming a fairly universal product. Criminals are not always after the information on a machine, however; sometimes, they simply use fear in order to promote a fear response–based behavior. Scareware is software that is installed with the purpose of extorting users for full access back to their device. With mobile devices, this may be a scare screen that appears on boot up saying that all conversations are being recorded. On a laptop or desktop, a screen that prevents the machine from fully booting may exist unless an untraceable form of currency is used and typed into the window. Of course, this does not mean that the criminal group is obligated to then release this scare screen; in fact, they may hide the screen and continue to record information on the user knowing that they have potential for future payouts.
Figure 21.3 Mobile device market shares, along with their operating system adoption rates.
Groups of hackers exist that defame websites based on what communities have deemed as “bad.” This means that it’s common for these online groups to attack government websites and financial firms. What these groups are unaware of is that they are often being manipulated by groups that want to serve an alternative purpose. For instance, if China wants to defame the U.S. government website, they could manipulate a hacktivist group to do this task as well. These hacktivist groups will continue to disrupt large institutions with relatively unpredictable goals.
QUESTIONS
1. What is a popular service that offers a complete set of cyber-crime tools as a service?
2. How does the Citadel toolkit work?
3. What is the main source of infection that is commonly employed?
4. These six play a part in creating a secure wireless system.