For three years now, Trend Micro’s Forward Looking Threat Research (FTR) group has been looking at the Cybercrime Underground Economies of many countries around the world. We’ve done three reports on Russia, three on China, one on Japan, one on Brazil and one on the Deep Web.
Today, we’re releasing a report that brings this topic closer to home for many of us focusing on the United States and Canada. Today our researchers have released “North American Underground: The Glass Tank,” the latest in our Cybercrime Underground Economy Series.
In this report, our researchers outline some of the ways the North American Underground differs from those of places like Russia and China. One of the most important differences is that the North American Underground is characterized by a high degree of openness unlike other undergrounds. Where the Chinese and Japanese Undergrounds in particular follow a “speakeasy” model where access for both buyers and sellers is restricted to “those in the know,” the North American Underground is open to all. In fact, as our researchers note, the North American Underground is characterized by continuous improvement not just in the goods and services offered but in ease of use for access and use by buyers and sellers.
Another thing that uniquely characterizes the North American Underground is the prominence of drugs and weapons for sale on their marketplaces. As our researchers note, contraband like drugs and weapons was a major factor in sparking the growth of the North American Underground in the first place. And these items are certainly available on the North American Underground. In fact, also we see the same drive towards ease of entry and usability around drugs and weapons that we see with the North American Underground generally.
But, despite the impressions that media reports on the Silk Road and its successors might leave you with, the North American Underground is more than just drugs and guns. Like other undergrounds it has its share of malware and attack kits for sale. It also features stolen data and compromised accounts for sale. Another thing that we’ve seen in this arena is the rise on the market for compromised accounts for Netflix and Spotify accounts: giving criminals an opportunity to “piggy back” on the legitimate accounts of others without them knowing it.
The full report has more detail, including information on ways buyers and sellers effectively launder Bitcoins for transactions in the North American Underground.
Overall, though, this report shows that the North American Underground Economy differs as much from those of, say, China, as their surface economies differ. Interestingly, this also shows that the underground economies and the surface economies differ in very similar ways.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.
