G2TT
来源类型Report
规范类型报告
DOIhttps://doi.org/10.7249/RR610
来源IDRR-610-JNI
Markets for Cybercrime Tools and Stolen Data: Hackers' Bazaar
Lillian Ablon; Martin C. Libicki; Andrea M. Abler
发表日期2014-03-25
出版年2014
语种英语
结论

The Hacking Community and Cyber Black Markets Are Growing and Maturing

  • The cyber black market has evolved from a varied landscape of discrete, ad hoc individuals into a network of highly organized groups, often connected with traditional crime groups (e.g., drug cartels, mafias, terrorist cells) and nation-states.
  • The cyber black market does not differ much from a traditional market or other typical criminal enterprises; participants communicate through various channels, place their orders, and get products.
  • Its evolution mirrors the normal evolution of markets with both innovation and growth.
  • For many, the cyber black market can be more profitable than the illegal drug trade.

These Cyber Black Markets Respond to Outside Forces

  • As suspicion and "paranoia" spike because of an increase in recent takedowns, more transactions move to darknets; stronger vetting takes place; and greater encryption, obfuscation, and anonymization techniques are employed, restricting access to the most sophisticated parts of the black market.
  • The proliferation of as-a-service and point-and-click interfaces lowers the cost to enter the market.
  • Law enforcement efforts are improving as more individuals are technologically savvy; suspects are going after bigger targets, and thus are attracting more attention; and more crimes involve a digital component, giving law enforcement more opportunities to encounter crime in cyberspace.
  • Still, the cyber black market remains resilient and is growing at an accelerated pace, continually getting more creative and innovative as defenses get stronger, law enforcement gets more sophisticated, and new exploitable technologies and connections appear in the world.
  • Products can be highly customized, and players tend to be extremely specialized.
摘要

Criminal activities in cyberspace are increasingly facilitated by burgeoning black markets for both tools (e.g., exploit kits) and take (e.g., credit card information). This report, part of a multiphase study on the future security environment, describes the fundamental characteristics of these markets and how they have grown into their current state to explain how their existence can harm the information security environment. Understanding the current and predicted landscape for these markets lays the groundwork for follow-on exploration of options to minimize the potentially harmful influence these markets impart. Experts agree that the coming years will bring more activity in darknets, more use of crypto-currencies, greater anonymity capabilities in malware, and more attention to encrypting and protecting communications and transactions; that the ability to stage cyberattacks will likely outpace the ability to defend against them; that crime will increasingly have a networked or cyber component, creating a wider range of opportunities for black markets; and that there will be more hacking for hire, as-a-service offerings, and brokers. Experts disagree, however, on who will be most affected by the growth of the black market (e.g., small or large businesses, individuals), what products will be on the rise (e.g., fungible goods, such as data records and credit card information; non-fungible goods, such as intellectual property), or which types of attacks will be most prevalent (e.g., persistent, targeted attacks; opportunistic, mass "smash-and-grab" attacks).

目录
  • Chapter One

    Introduction and Research Methodology

  • Chapter Two

    Characteristics of the Black Market

  • Chapter Three

    The Black Market and Botnets

  • Chapter Four

    Zero-Day Vulnerabilities in the Black and Gray Markets

  • Chapter Five

    Are Hacker Black Markets Mature?

  • Chapter Six

    Projections and Predictions for the Black Market

  • Chapter Seven

    Conclusions

  • Chapter Eight

    For Future Research

  • Appendix A

    Text of the Black Market Timeline

  • Appendix B

    Glossary

主题Cybercrime ; Cybersecurity ; Data Privacy ; The Internet ; Law Enforcement ; Markets
URLhttps://www.rand.org/pubs/research_reports/RR610.html
来源智库RAND Corporation (United States)
引用统计
资源类型智库出版物
条目标识符http://119.78.100.153/handle/2XGU8XDN/522440
推荐引用方式
GB/T 7714
Lillian Ablon,Martin C. Libicki,Andrea M. Abler. Markets for Cybercrime Tools and Stolen Data: Hackers' Bazaar. 2014.
条目包含的文件
文件名称/大小 资源类型 版本类型 开放类型 使用许可
RAND_RR610.pdf(1923KB)智库出版物 限制开放CC BY-NC-SA浏览
1596651847393.jpg(3KB)智库出版物 限制开放CC BY-NC-SA缩略图
浏览
个性服务
推荐该条目
保存到收藏夹
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Lillian Ablon]的文章
[Martin C. Libicki]的文章
[Andrea M. Abler]的文章
百度学术
百度学术中相似的文章
[Lillian Ablon]的文章
[Martin C. Libicki]的文章
[Andrea M. Abler]的文章
必应学术
必应学术中相似的文章
[Lillian Ablon]的文章
[Martin C. Libicki]的文章
[Andrea M. Abler]的文章
相关权益政策
暂无数据
收藏/分享
文件名: RAND_RR610.pdf
格式: Adobe PDF
文件名: 1596651847393.jpg
格式: JPEG

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。