Cybercriminal Underground

Understanding current and future threats to the internet of things (IoT) can help shape how we secure this technology that is increasingly becoming integral to today's world. What insights can be reaped from the cybercrime underground?

Our continued forays into the cybercriminal underground allowed us to see how the tactics and techniques used to attack financial organizations changed over the years.

While underground forums have long been the purview of digital or internet-enabled crimes, recent developments have shown signs of increasing synergy and interaction between traditional criminals and cybercrime actors.

Although the general public thinks of underground forums as a place where scams and suspicious dealings are rampant, the opposite is usually true: the threat actors who inhabit these sites often consider their reputation a major asset.

In the past several years, traveling cybercriminals have toured around the world on the cheap, thanks to the fraudulent online transactions involving travel documents, airline and hotel loyalty accounts, and other travel-related services in the underground.

In 2012, we predicted that we would soon see an African underground market take root. Our recent joint research effort with the INTERPOL on the West African threat landscape may just be even greater proof of that.

Research on how the healthcare sector has evolved as a preferred target for cybercriminals, how stolen records are monetized, what types of data are stolen, and how much they're sold for in the underground.

While cybercriminals seem to be shying away from data theft to outright extortion as their main revenue source (cue in ransomware), stealing personal information and using or selling it for further cybercriminal acts is still a serious problem.

Some of the more notable facts and numbers taken from the Trend Micro research into the French underground.