According to two senior representatives from the cyber-security company, Palo Alto Networks, cybercrime and online scams are anticipated to be more prevalent than in previous years.
Among various cyber threats, business e-mail compromise (BEC) and ransomware attacks continue to be on the top of the global watch list.
As per Ms. Wendi Whitmore, Palo Alto Network’s Unit 42 senior vice-president, BEC scams, targets both corporations and individuals making genuine transfer-of-funds requests. It makes BEC the most common and costly threat to organizations worldwide.
“We see (criminal) organizations where you’ve got a member in Nigeria that’s closely communicating (on the Dark Web) with someone in Eastern Europe, and maybe communicating closely with someone in Asia […] I think that as the economy continues to have more challenges, we’re going to see even more of that level of interconnectivity,” says Ms. Whitmore.
On the FBI Internet Crime Complaint Centre report 2021, BEC continues to hold the apex position, for the sixth year.
Does Dark Web Harbor Cybercrime?
Mr. Vicky Ray, a principal researcher at Unit 42 who studies data and telemetry used in such global cyberattacks, believes that the Dark Web has become a breeding ground for cybercrime.
On the Internet or the ‘Surface web,’ which is readily accessed by the general public, one can look for a variety of information or participate in forums. On the other hand, in order to access Dark Web, one needs a certain browser and a known URL. Some Dark Web forums demand that new members have a known party vouch for them.
According to Palo Alto, the growth of Darknet markets in Asia has given cybercriminals more flexibility, since the platform's anonymity makes it less likely that they will ever be tracked.
“It’s hard, but at the end of the day, it is our job to connect these dots together to really answer... the hard question of who may be behind it (a cyberattack) or what the motivation is.” Mr. Ray told The Straits Times.
No matter if the attack is a ransomware attack or a data breach, cyber criminals are in an ecosystem where “everyone supports each other and collaboration is everywhere”, he continues, showing a screengrab of a malware developer apparently receiving feedback on a Dark Web forum.
“What has changed in the past three years has been the tactics of ransomware as a service […] These gangs who were actually creating and using the ransomware to target victims, or potential victims back in the day, what they have realized is, if they provide that to other criminals, who are called affiliates, they can be more profitable,” he adds.
Cybercrime on Dark Web
Criminals on the Dark Web co-operate in an operation in a variety of ways, from "consultants" who offer professional guidance to affiliates who buy malware from developers.
However, there also lies a similar collaboration between law enforcement and business parties, like Palo Alto, which shares its criminal research with Interpol.
In one such case, for instance, in 2021, the Nigerian Police Force detained 11 members of certain cybercrime gangs, who are assumed to be part of a threat group ‘SilverTerrier’ recognized for their BEC scams, said Interpol on its website.
During Operation Falcon II, which ran from December 13 to December 22, 2021, investigators analyzed data from the network's BEC scams, which were allegedly linked to 50,000 individuals. One suspect had more than 800,000 potential victim domain credentials on his laptop, while no monetary amount was disclosed.
In regards to this, Interpol said, “Through Interpol’s Gateway initiative, Palo Alto Networks’ Unit 42 and Group-IB (a cyber-security firm) have contributed to investigations by sharing information on ‘SilverTerrier’ threat actors, and analyzing data to situate the group’s structure within the broader organized crime syndicate. They also provided key technical expertise consultancy to support the Interpol teams.”
The Gateway Initiatives aid law enforcement agencies and corresponding private companies to communicate information in a secure and quicker manner, in order to mitigate and disrupt cybercrime.
“We really see the significance of these (partnerships)... So you will see a lot of the law enforcement now openly talking to us and collaborating,” adds Mr. Ray