
How Crime-As-A-Service Turned Hacking Into A Subscription Business
A number of devastating and widely reported cyber attacks against UK retailers in recent weeks have once again exposed the fact that the impact of cybercrime on our lives is growing.
As of writing, Marks and Spencer hasn't processed online orders for several weeks, following an attack in April estimated to have cost it $400 million. And the Co-Op group of over 2,500 stores is recovering from an attack in which customer data was stolen, and shelves were left bare.
There are a few reasons retailers are often easy prey for cybercriminals. They handle lots of sensitive customer data, and they're very sensitive to supply chain disruption, meaning their operations can be brought to a costly halt by disrupting suppliers.
On top of that, their infrastructure sprawls across online retail, mobile apps, and the point-of-sale terminals, tills and tablets of bricks 'n' mortar, giving criminals lots of potential ways in.
With politicians raising fears that the escalation of this activity could result in serious threats to the food supply chain, it's becoming urgent to understand the factors behind the rise in these attacks.
One thing that's becoming increasingly clear is that cybersecurity is no longer simply about making sure IT departments keep our firewalls and anti-malware up-to-date.
I believe that these attacks tell us that cybersecurity is becoming less about technology and more about people. And this means that the way we defend ourselves has to change, too.
Not too long ago, at least a small amount of technical know-how was needed by anyone who wanted to launch a cyberattack and disrupt the operations of a business.
Today, though, an underground economy exists where anyone with the funds can access tools and expertise that can bring businesses to the ground.
Referred to by security experts as crime-as-a-service, this involves the developers of hacker tools and apps charging via a subscription model, like any other software developer.
Effectively, this means that just about anyone sitting behind a VPN can carry out a crime anonymously anywhere in the world. It's a 'democratization' of cybercrime.
The motivation is usually money. Two of the most common attacks are ransomware attacks, where data is encrypted and a ransom is demanded for its return, and denial-of-service attacks, which flood systems with data, causing them to stop working properly.
The increasing accessibility of these tools is a factor in the growing number of attacks. The hacker group suspected of carrying out the Marks and Spencer attack is reported to have used a CaaS platform known as DragonForce.
But another factor is a change in strategy. Increasingly, rather than targeting technology, criminals are striking directly at the weakest link in the cybersecurity chain, which is usually us humans.
Although the details haven't been released and investigations are still ongoing, it's strongly suspected that the Marks and Spencer cyber attack was carried out through social engineering.
With modern cloud security infrastructure being relatively robust, humans, who can be lazy, forgetful and tired, are generally the weakest link. Why would a hacker spend the vast amount of computing power and resources it would take to brute-force into a system and steal or encrypt data when they can just trick or bribe a human into letting them in?
Surveys suggest that email and social media phishing were a factor in more than half of 2024's ransomware attacks and that 67% of people believe the rise of generative AI has increased their fear of ransomware.
As well as human incompetence and our trusting nature, cybercriminals are increasingly exploiting our greed. In fact, 53 percent of organizations reported cybercrime by insiders in 2024. One high-profile recent example is the $20 million attempted extortion of cryptocurrency exchange Coinbase, where support staff are accused of taking bribes in exchange for giving criminals access.
Criminals believe that retailers are big, rich targets that move slowly to respond to threats and are likely to comply with ransom demands rather than suffer business disruption.
When criminals target people with permission to access a company's systems, all that IT spending on cyber security infrastructure (firewalls, secure email gateways, network security, access control, security tools) becomes irrelevant, and their criminal activities become a lot simpler.
So, how can businesses, and we as professionals, employees and individuals, most effectively respond to this change?
The first step could be to think about adopting a more human-centric security strategy. This means developing a culture of cyber-awareness that's active at all levels, from the boardroom to the shop floor.
By understanding what criminals look for, how they try to gain access, and what's at stake if they succeed, everyone's awareness increases.
Particular attention should be paid to ensuring everyone understands the growing threat of generative AI-powered deepfake crime.
When it comes to this, as well as understanding the wider picture of where threats might exist in an organization, it's human skills that will be most valuable.
This means that effectively communicating the importance of cyber vigilance, achieving buy-in, and understanding what makes us vulnerable to bribery and corruption are critical skills in the cybersecurity toolbox.
Critically, when implementing these changes, the focus should be on limiting opportunities for threat actors to cause damage rather than monitoring the activities of individuals in a way that damages trust. Balancing this also requires skilled human judgment.
Make no mistake, with 43% of UK companies reporting an attempted cyber attack last year, the threat is greater than ever, and the penalties for making mistakes are severe.
But by switching to understanding, predicting and improving the behavior of humans rather than just technology, all businesses can reduce their chances of becoming victims.