What We’ve Learned From Interviewing Cybercriminals – Adam Janofsky – ESW Vault – Malware News – ….>
– MalBot
From the interviews we conducted, a few key points surfaced that can be shared with the larger InfoSec community. 1. Money drives most cybercriminal activity Most criminals often start out in activities like buying and selling stolen data, participating in ransomware campaigns, or selling tools/services that facilitate more malicious activities. Money is a major incentive for these sorts of activities, as it can be obtained relatively quickly and without consequences, or with punishments that are far less severe than traditional crimes. 2. Cybercriminals utilize online forums Criminals often rely on online forums to learn about new tactics, target vulnerable systems, and find customers for their products and services. By leveraging these forums, criminals can better understand their competition, as well as how to better protect themselves against law enforcement and rival criminal groups. 3. Cybercriminals are well-versed in technology Cybercriminals have a surprisingly deep understanding of technology. From developing custom tools and scripts to exploit systems to deploying methods for encrypting data and obfuscating their activities, criminals are well-equipped to avoid detection and outrun authorities. 4. Cybercrime networks are complex Cybercrime networks are often complex, hierarchical organizations with divisions devoted to
Link: https://malware.news/t/what-weve-learned-from-interviewing-cybercriminals-adam-janofsky-esw-vault/70083