Monday, April 15, 2019

Dark markets, threat cumulativity, siegeware, and a cybercrime barometer

This is an update on five parts of my research and writing so far this year. The first part built on a suggestion from ESET PR Manager Anna Keeve: help people better understand the cybercrime threat by showing them the "dark markets" that are used to sell stolen information and buy the tools with which to steal it. So I decided to highlight their “evolution” into mainstream online services for enabling cybercrime.

1. Next Generation Dark Markets? Think Amazon or eBay for the criminally-inclined
In addition, Anna set up a session with the wonderful folks at Markeplace on NPR. So, if you want to hear more about the dark web, close your eyes and take this audio tour: Exploring the dark web with Kai Ryssdal on Marketplace

A reflection on how, by acknowledging the cumulative nature of cyber-threats and understanding its implications, we can improve our approach to digital security.

I presented my analysis of the data from a large survey, paid for by ESET and designed to uncover attitudes to cybercrime and cybersecurity in North America. This confirmed that the majority of Americans fear the misuse of personal data they supply to websites, and view cybercrime as a threat to their country.

Recent news articles show that a vital part of the IT ecosystem - MSPs - are now being targeted by criminals for a variety of nefarious reasons. I wrote about why this is happening, and what MSPs should do about it.

Siegeware is what you get when cybercriminals mix the concept of ransomware with building automation systems: abuse of equipment control software to threaten access to physical facilities. It is real and it needs to be openly addressed.

No comments: