Home & Office

In-demand black hat roles in thriving cybercrime world

People who know how to control botnet networks, wade through data for valuable information and encrypt data securely highly sought after in today's cybercrime ecosystem, insiders note.
Written by Ellyne Phneah, Contributor

The cybercrime economy is growing rapidly and thriving, thanks to online crooks employing different tactics and functioning in different roles within a group to convert stolen data into actual revenue streams.

Uri Rivner, head of new technologies for identity protection at RSA, the security division of EMC, said the online black market generates billions of dollars monthly and has evolved into a highly-developed ecosystem based on covert communication channels. Here, cybercriminals meet up to create virtual global teams and decide on how to conduct their crimes, he added in his e-mail

To gain a better understanding of the cybercrime universe, ZDNet Asia spoke to Rivner, as well as other security insiders, to uncover some of the most in-demand black hat skills and roles.

The exploit researcher
This group tend to be amateur attackers, also known as "script kiddies", who gather infected computers that can be used to host a phishing site or a spam relay, remarked Ronnie Ng, senior manager of systems engineering at Symantec Singapore.

"In some cases, the exploiters will break into credit card databases directly to harvest credit card data, skipping the phishing stage entirely," he added.

The botmaster
There are networks of bot-compromised PCs used to distribute spam and other malware for distributed denial-of-service attacks (DDoS), noted David Harley, senior research fellow of security at ESET. These botnets then facilitate fraud by impersonating as a Web referrer and send a huge volume of clicks to a Web page, which pays referrers on a cents-per-click basis, he explained. The person running these networks of malware-infected PCs are known either as "botmaster" or "botherder", and is a cog in the entire online fraud ecosystem, Harley noted.

The data analyst
RSA's Rivner pointed out that Trojans deployed by cybercrooks steal a large amount of data, from online banking sites and credit cards to social networks, e-mails and corporate information. Amid the deluge of data, he pointed out that business intelligence (BI) consultants will be necessary to help "find the needle in the haystack" and convert a lot of the unstructured data collated into a cyber treasure trove, which can be sold or shared on the online black market.

The encryption guru
Just as information generated by consumers are wanted by black hats, the latter's data is also highly sought after and considered valuable by other online criminals and law enforcement authorities, Rivner said. This is because criminals will want to cash in on the stolen data, while the police will want to use the information as digital forensic evidence to prosecute the criminals, he stated.

Thus, it is crucial for cybercriminals to know how to encrypt their data and the hard drives the information is saved on. There will always be a place for cipher builders as well as code breakers in such black hat markets.

The carder and dropper
Ng also identified "carders" as those who purchase goods using pilfered credit or bank card information. They usually siphon off information by skimming, Harley added.

The carders will then pass these merchandise on to "droppers", who will then pick these goods at an untraceable drop-off point, Ng added.

The money mule
Cybercriminals use "mules" largely for money laundering and direct scamming activties, Harley pointed out.

These people are persuaded to receive and pass on payments, making it harder for authorities to "follow the money", thus becoming "money mules", he explained.

He added: "Mule driving is hence, the acquisition, care and feeding of mules."

The mobile expert
Rivner also noted that consumers are moving away from traditional Web-based applications to smartphones and tablets as these devices proliferate the market. This means that more users are utilizing mobile devices to conduct banking transactions via such apps, too.

"There is hence a whole new digital frontier waiting for the creative minds of cybercriminals," he said. "The dark economy is starting to grow into the mobile space."

Editorial standards