Crimeware as a service is the new business model
1 min read
Crimeware-as-a-service is the latest development in the ongoing commercialisation of cybercrime, according to secure web gateway products developer Finjan. njan.
Crimeware-as-a-service is the latest development in the ongoing commercialisation of cybercrime, according to secure web gateway products developer Finjan.
The firm’s Malicious Code Research Centre (MCRC) says it has identified the trend in its Q1 2008 Web Security Trends Report.
Yuval Ben-Itzhak, CTO of Finjan, says that criminals have started to use online cybercrime services instead of having to deal themselves with the technical challenges of running their own crimeware server, installing crimeware toolkits or compromising legitimate websites.
“Currently, we see the rise of the CaaS business model in the crimeware-toolkit market. Cyber criminals and criminal organisations are getting better at protecting themselves from law enforcement by using the crimeware services – especially since the operator does not necessarily conduct the criminal activities related to the data that is being compromised, but only provides the infrastructure for it,” he says.
As with mainstream software providers, however, the creators and owners of crimeware toolkits provide their customer base with update mechanisms, while tooling them with sophisticated, anti-forensic attack techniques, as well as the ability to manage and monitor malicious code affiliation networks.
“Cyber criminals can now generate more targeted infections and deliver specialised crimeware for specific geographical regions,” says Ben-Itzhak. “Our report illustrates how these criminals are employing marketing and sales techniques to address the cybercrime economy and ensure that the market they are after gets the proper ‘product’ localised for it.”
His advice: “The trends described in this report confirm that the security industry and law enforcement agencies should take an innovative approach in handling these crimeware commercialisation threats.”
Meanwhile, Finjan has just released version 9.0 of its Vital Security Web appliances, with patented real-time content inspection technologies, aimed specifically at preventing crimeware and malicious Web 2.0 content from infiltrating corporate networks and stealing business data. The firm says that by inspecting inbound and outbound web traffic, malicious content is prevented in real time, even when hiding in SSL traffic.
