Have you ever wondered just who are the bad guys that do cyber attacks?
Well, in this three-part series of cyber security fundamentals by Onsite Logic, we’ll be talking about the three main players: the big guys, the little guys, and the local connection guys.
Little guys. The little guys, just like the large ransomware gangs, are thieves.
They are looking to capitalize on the amount that people pay in ransom and extortion, extracting money any way they possibly can. But they are looking more for the less organized targets, the easier marks and hits.
They’re the ones who predominantly prey on smaller businesses. They will often license software that’s been developed by the ransomware gangs and run ransomware as a service or attack as a service, in the same way that you or I might license QuickBooks Online or Microsoft 365, or even use Google Drive and Google apps, and pay a monthly fee as we would for salesforce.com. So they’re doing the same thing, but they’re doing it with software that’s built to manage and run attacks.
The profit margin on this is very large. They can license the software for as little as a couple of hundred dollars, and the return on that investment can often be in the millions.
But they’re just running IP address by IP address, or entering information that they may have extracted from someplace else: some passwords, or some entities that they know might be vulnerable because they picked up a list, again a marketing list, on the dark web from something that was compromised somewhere else.
These individuals exist everywhere in the world. Unlike the big gangs, which tend to center within some of the nation states that are condoning it or at least turning a blind eye to it, the little guys, the individual operators, operate everywhere, but again under a little bit of a cloud of darkness, because they use VPN connections to mask where they actually are. They’ll VPN into Russia or Iran or China, and from there they will launch the attacks. Or they will VPN and then VPN back into a local server and run attacks from there as well, so they’re able to bounce off of different places to mask where they’re really showing up.
But there have been arrests throughout the United States and in Canada of individuals who have run these types of attacks and have done very well financially from the illegal activity.
Stay tuned for part 3 of Who Are the Bad Guys, and don’t hesitate to reach out with questions about cybersecurity and for help with protecting your business!