At one time, cybercrime consisted of individual hackers ready and willing to make a name for themselves or try to land a job. Whether it’s involving computer viruses, denial-of-service (DoS) attacks, malware, or identity theft, the cybercrime market is not slowing down. Today, new global research has found that the cyber black markets are reaching economic maturity and growth at levels previously never before seen. To provide an economic analysis of the cyber black market, new global research was conducted by the RAND Corporation and sponsored by Juniper Networks, to provide a first of its kind report to reveal and learn more about the nature of the cybercrime black market. The goal was to examine these markets entirely and apply economic analysis to gain understanding of how they function.
In late March 2014 the results of this study were released, revealing that the hacker black markets are very similar to a flourishing metropolitan city with various industries, interactions, and communities. Significant levels of economic sophistication, accessibility, and reliability were found as well as resilience in the products, distribution channels, and actors involved in the black markets. RAND’s findings show that the cyber black markets are rapidly growing with a vigorous infrastructure and social organization in a multi-billion dollar economy. Just like any other economy, black cyber markets react and change due to factors such as supply and demand while continuing to progress.
RAND Corporation’s research uncovered various elements of the hacker black market economy:
- Storefronts – Goods can be purchased and sold in storefronts on the spot.
- Service Economy – Criminal services can be purchased as traditional software or leased like a managed service, enabling even the most unskilled hackers to perform the most extensive attacks.
- Hierarchal Society – There is a hierarchy among the cyber black market that requires connections and relationships in order to move up. Those considered top dog, or the most credible, are making the most money.
- Rule of Law – Even the cyber black market has an unspoken set of rules to abide by that are policed and well structured. Those who scam others are regularly banned and weeded out of the market.
- Education and Training – Many tools and resources are available on the cyber black market to train and teach criminals the ins and outs of the hacker world. From instructions on exploit kits to information on where to buy credit cards, these tools help facilitate entry into the hacker economy.
- Currencies – Transactions amongst the black cyber market typically only take place via digital currency exchanges such as Bitcoin and AlertPay. This is because these payment method programs have characteristics such as anonymity and security.
- Diversity – Focus and expertise varies among different countries. Cybercriminals from Latin America, Eastern Europe, and China typically take part in malware attacks, whereas Russia is thought to be the leader when it comes to quality. Russia, Ukraine, Lithuania, and Romania tend to focus on financial institutions, China specializes in intellectual property, and the United States primarily targets U.S. based financial systems.
- Criminals – The cyber black market has its own criminals known as “rippers” who do not provide the goods and services they claim to deliver.
All Juniper Networks-sponsored research was conducted by RAND between the months of October and December of 2013. Results are based on in-depth interviews with global experts who are currently or formerly involved in the market. These experts included law enforcement, security vendors, security researchers, reporters, and academic professionals.