Well, here in Chi Town, we are now approaching into the second of month of our so-called lock down and WFH.  I tell ya, people are getting quite ancy, and want to get back to work ASAP.  Fingers crossed that our governor would start to open doors at the beginning of May. 

But anyways, over the last few weeks, we all have been inundated with all of the news headlines, and even me, with all of the Cyber stories.

They all have pretty much stayed the same, once again, much of the stories out there are about WFH issues and Zoombombing. But now, it looks like that Microsoft is starting to take some heat for its “Teams” product, and even Oracle as well, as companies are looking for other ways and avenues to conduct meetings and other work-related tasks.

There is also no doubt that the economy is starting to go into a tailspin, in fact, worse than I was originally expecting at first.  But I still have faith that things will start to skyrocket once yet again when there is some closure to all of this (if there will ever be). 

But, now let us take the flip side of the economy in this blog and examine that.  You may be wondering at this point, what is it?

Well, it is the economy of the Dark Web, and really, what is known proverbially as the “Cybercrime Economy”. Yes, even the Cyberattacker has a business sense as well, after all, just like the rest of us, they want to make some serious $$$ as well.  But of course, the way they do it is not all together the most legal way to go about it.

The COVID 19 crisis has totally shaped this different kind of economy, and in fact, according to some reports, it is expected be as high as a whopping $ 6 trillion by 2021.  So, what are the trends that are occurring on the Dark Web?  Here we go:

*The Cyberattacker are expanding their horizons even further:

The norm for the Dark Web economy has been to lay low, so that can avoid detection by law enforcement agencies.  But, with all resources now being stretched to the breaking point, the Cyberattacker is now taking full advantage of this, and even making brazen and bold attacks directly to the millions of merchants facing websites that are out there.  They have even resorted to marketing their services to many more forums on the Dark Web, rather than just the traditional one or two, in order to keep a low profile.  In fact, many Cyberattackers are now even selling their services across the different language platforms as well, which now typically include those of Chinese and Russian.  There is one popular forum on the Dark Web that is known as “Torum”.  This is has become the go between for the Cyberattacker to sell whatever goods they have hijacked.  This forum is actually now gaining quite a bit of popularity.  In this aspect, the mentality of the Cyberattacker has shifted to increasing their risk as well as their exposure level.

*A further rise in Ransomware:

Yes, Ransomware has always been a menace to all of us, and even Corporate America especially.  In fact, when the COVID 19 hit full force back last March forcing all of the shutdowns, Ransomware actually increased by 50% than when compared to the three months prior before that.  This includes deploying the malicious payloads across all technological mediums as possible, which include both wired and wireless devices.  But now, this trend seems to be dissipating, primarily because the Cyberattacker is not getting paid by the victims in order to get their screens and files unlocked.  In other words, COVID 19 not only has put a cash crunch on the every day American citizen, but it is also having an impact on the Cyberattacker as well, at least when it comes to launching Ransomware based attacks.  Another reason for this trend, believe it or not, could be the WFH issues themselves.  For example, once a Cyberattacker was able to break through corporate IT infrastructure, the payload that they deployed would simply transcend downwards to the rest of the devices used by all of the employees in that organization.  But with home-based networks now being used on a scale never seen before, the Cyberattacker is actually having a harder time to penetrate these kinds of networks.

*A shift in what is being targeted:

Before COVID 19 ever even hit, the most sought-after crown jewel for the Cyberattacker was the Personal Identifiable Information, or the PII of their victims.  This typically involved heisting passwords wherever they could get their hands on it.  But now, this trend has also changed as well.  With all employees being cooped up at home having to work, the virtual platforms, primarily that of Zoom, has now been the prime target for the Cyberattacker.  This has become affectionately known as “Zoombombing”.  So, rather than going after your financial info, your Zoom (or whatever video conferencing platform that you might be using) login credentials are now most at stake.  In fact, just in the time span of February to March in this year alone, Cyberattacks against the Zoom platform spiked by at least 63%.  Put this another way, traditionally on the Dark Web, each stolen Zoom PII fetched only a meager $.002, but now the value of this has gone up to as high as a staggering $500,000.00.  But keep in mind that it is not just Zoom at stake here, pretty much all streaming content sites are at grave risk as well.  Heck, even Virtual Private Networks (aka VPNs) are also at risk as well.  Why?  By breaking into a VPN, this is another way to gain a backdoor into the corporate IT infrastructure.

*An increase in Phishing as a Service:

For the most part, we have heard of this term, “as a Service”. Essentially, this refers to procuring Cloud based software applications. But yes, even on the Dark Web, the “as a Service” also exists there as well.  In this regard, one of the most popular types of services is that of Phishing.  In other words, the Cyberattacker does not have to worry about how to launch a Phishing based attack themselves, they can hire a provider to do this for a fixed, monthly fee.  But the trend is not just for luring victims into fake and spoofed financial websites, now it has shifted to everything that is COVID 19 related.  For example, this includes putting up malicious sites tricking the victim that they can access more information about the pandemic, get more information about their stimulus checks, get medical updates on their family members that might be infected, etc.  The prices for renting out “Phishing as a Service” is typically about $30 per month, but the much more inclusive packages can go as high as well over $100 per month.  Also, it is important to keep in mind that the Cyberattacker also has their eye on other such avenues like GIS maps or mobile trackers that supposedly show the spread of COVID 19 in real time, across the entire globe.

*Cash is no longer king:

As mentioned earlier in this blog, people all over are having a hard time to pay up.  Even the Cyberattacker is starting to feel the impacts of this trend, so cash is no longer king, but now, virtual currencies are now the prized item.  A large reason for this is that virtual currencies (such as that of Bitcoins) have a much harder time of being tracked down than versus the traditional paper money, or even credit cards for that matter.  But, given this spiked interest in anything and everything related to “Crypto”, has led to an increase in other services, such as how to even launch Cryptojacking attacks.  This is the situation where a Cyberattacker hijacks the processing and electrical power of your computer in order to illegally mine for the virtual currencies.

My Thoughts On This

Well, there you have it.  The top trends that occurring on a totally different kind of economy.  In fact, in many ways, it sounds a lot better than what we have in our legal economy.  But hopefully, with what is happening now, people will not turn over to the “Dark Side”. 

In fact, we need more people from this area to convert over to the “Good Side”, so that we can get their expertise to fight off the Cyberthreats that are happening now with COVID 19. It will be quite interesting to see how this dynamic changes in the coming months.