Before the end of the month, we will release a new paper in our Cybercriminal Underground Economy Series titled Russian Underground Revisited. This is a followup to our earlier paper Russian Underground 101; both papers examined the Russian Underground and looked at the goods and services being sold inside these underground communities.
While the full details will not be published until next week, the overall finding of the report is clear: cybercrime has never been more affordable and accessible, even for lesser-skilled cybercriminals.
The lower ranks of the underground communities are often derisively referred to as “script kiddies”, but this does not mean that the damage they cause is any less consequential. Technical understanding of security flaws is not a prerequisite to exploiting them at all; they are just like the “users” of any other organization: they just want their code “to work”; the only difference here is that their code is carrying out malicious behavior.
What does this mean? For starters, it means that the volume of threats will keep on increasing for the foreseeable future. We may also see more variety in threats, if only because the attackers are more numerous than before. (One shouldn’t interpret falling prices as a sign of a failing business.) In addition, the scope and variety of the products for sale are also improving, making the resources available for “script kiddies” more powerful.
Cybercrime is a business, and the prices we’ve seen validate what we already know: that times are good, victims are plentiful, and the risk is relatively low. This is all in spite of technical solutions that have increased the security of computing devices overall. It highlights the need for cybercrime solutions that focus not just on technical issues, but also economic and legal ones as well.