In October 2008, the Symantec Corporation published its Report on the Underground Economy, which is the culmination of a year-long effort to observe and record the behaviors of bad actors in the cybercrime arena. By watching the activities of malicious botnets over a long period of time, Symantec’s researchers were able to identify likely interaction strategies for trading stolen digital cargo and services.

What’s most interesting about this report is not the specifics of any particular set of cybercriminals, but instead in the number of channels used to convey the goods as well as the pedestrian style of commerce, including several online How-To guides, used to entice would-be sellers to peddle their stolen goods.

Although this report is heavily biased toward reporting numbers and statistics, by enumerating price lists for stolen data and of the number of command-and-control networks used on a daily basis by cybercriminals, CISOs can put a much more firm opportunity cost estimate for failure to apply proper controls to sensitive customer data. In addition, in an appendix to the report, Symantec offers readers its recommendations for mitigation strategies to shore up data security risks.

Tagged with:
 

Comments are closed.



Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...