Our blog

The three levels of cyber crime


13 September 2016

Mark Hughes

Blogs by author: Mark Hughes, President, BT Security


Cyber criminals have a business plan, just like you do. Here’s how to identify and fight back against this new breed of entrepreneur.

Who the cyber criminals are.

The twenty-first century cyber criminal is best characterised as a ruthlessly efficient entrepreneur or CEO, operating in a highly developed and rapidly evolving black market.

Their aim is to make money. And they do this by disrupting their target markets and exploiting the vulnerabilities of companies. To achieve their aim, they have a range of business models, including denial-of-service attacks, the forced encryption of documents and the theft of data. They may use the data directly (for example, by clearing bank accounts), sell it to other parties or use it to blackmail their victims.

A black market of cyber crime.

And criminal entrepreneurship isn’t confined to those who directly attack organisations. The hacker who mounts a denial-of-service attack, or steals credit card details, finds support from a vast black market of people selling and hiring out attack tools.

This market features hackers for hire and malware distribution services costing as little as $0.50 per PC. It’s a dynamic and responsive industry. And criminals only need to be successful once to make a life-changing sum of money…

The levels of cyber crime.

To protect your organisation, you have to know who you’re up against. And that means understanding the different levels of cyber crime:

Attacks on individuals.

These campaigns target hundreds of millions of victims, costing them an estimated $40,000 an hour. Conversely, the cost of mounting these attacks is low. Criminals can hire attack tools with no upfront costs.

The main risk to cyber criminals launching these types of attacks is the fact that law enforcement is active in this area, and the crime is becoming increasingly high-profile.

Attacks on organisations.

This is the next level of cyber crime, requiring a more specific approach from attackers. It needs investment as criminals must understand their targets and figure out how to monetise their vulnerabilities.

With rewards as high as $10 million, it’s a tempting mode of attack. But as fraud patterns are easily detectable, there’s only a short window of opportunity for criminals to exploit.

Attacks on financial systems.

This is the most lucrative and risky level of attack, and it requires bespoke malware and research.

The financial system has huge incentives to protect itself. Cyber crime can cost up to $1 billion, and the sector faces fines from regulators for letting attacks through. It’s an extremely risky and challenging area for criminals. Law enforcement prioritises preventing these attacks, and also makes it increasingly difficult for criminals to launder any money taken.

How you can build better cyber defences.

When it comes to cyber crime, often the best mode of defence is attack. In order to take the offensive, it’s important to understand the criminal landscape you face. This means getting a clear picture of who your attackers are, their goals and business models.

Once you understand these, you can gather intelligence on the tools and strategies they use. Mapping all this intelligence and weighing it against vulnerabilities in your own business then lets you take action accordingly. This can take many forms, from building a stronger perimeter around your network, to taking the fight to attackers and disrupting their business model at various points.

Whatever action your organisation takes to defend itself, it’s important to remember that you’re working against the clock. Attackers exploit vulnerabilities quickly, so you need to be rapid in your response.

Start to create your map.

To protect your organisation, you need to know who’s trying to attack you, what tools they use and which vulnerabilities they plan to target. Find out how to get this knowledge with our new white paper, ‘Taking the Offensive — Disrupting Cyber Crime’, in partnership with KPMG.

In our next blog, we’ll look at how you can take the fight back to the criminal entrepreneurs.