Sep 27 2018

The Organized Cybercrime Workplace: Not Your Parents’ Basement

Typically, when the public sees hackers and cyber criminals portrayed, whether in print or on screen, the imagery is usually the same. We’re driven to believe these criminals are unkept, socially awkward, basement dwellers who can’t get enough of any specific hyper-caffeinated beverage.

But is that reality? It’s quite clear that’s often not the case.

Surely there are going to be some criminals that fit the stereotypical mold, but more and more, the bad actors are increasingly likely to present as upstanding citizens, at least outwardly.

So, what does it all mean?

When planning to defend against cybercrime, businesses and individuals need to be more cognizant of the potential threats. The rogue individual can still be gifted and capable and do damage, but the real threat lies elsewhere.

[ Read: Flipping the Script – Users Are Your Greatest Security Asset ]

As you sit in your executive boardroom debating how to protect your company, it’s increasingly likely that there is, somewhere in the world, a well-organized and well-funded criminal enterprise sitting in their own executive boardroom, planning how to profit from the criminal activities you seek to prevent.

That’s right. It’s more and more likely that the criminal activities that security professionals are working to prevent are being conceived and executed out of office space not unlike our own.

For example, out of Ukraine, a criminal organization was disrupted in a bust. This organization was set up not unlike a successful enterprise – they had multiple offices and a financial auction website to serve as their front to bring in customers (aka, their victims).

They even employed a CRM solution to help make sense of all their information. These were not anti-social, basement dwelling script kiddies.

In a similar vein, we’ve all heard about those annoying IRS scam phone calls, or Tech Support scam calls. While those are examples of vishing, they have also been shown to be organized and well-funded.

These are just more illustrations of how those who aim to harm us digitally are becoming increasingly sophisticated.

So what does it mean to companies looking to fortify their security position? It means being well-informed and vigilant is ever more important.

[ Read: New Research Affirms Layer 8 Security Recommendations ]

While some companies might be tempted to cut corners when it comes to protection, we see examples where the criminals are not.

Businesses need to accept that the criminals will be pouring extensive resources – time, energy, skills and funds – into their illegal enterprises. And leaders need to understand that it’s vital to keep their companies well protected by a combination of hardware, software and professional services.