AN HP WOLF SECURITY REPORT
The dark web has supercharged the cybercrime economy like nothing before it.
By providing an anonymous online environment in which cybercriminals can collaborate, organize, hone their skills and establish illicit shops, the dark web has allowed cybercrime to evolve into a multi-faceted,
reputation-sensitive service industry.
This report, produced by HP Wolf Security in collaboration with Forensic Pathways1– and alongside
security experts in both industry and academia – identifies how cybercriminals are now operating
on a professional footing with easy-to-launch malware and ransomware attacks being offered on
a “Software as a Service” basis. As a result, even people with rudimentary IT skills are now able to launch
cyberattacks at targets of their choosing.
“Digital transformation has supercharged both sides of the attack-defense divide – shown, for instance, by the increasing popularity of ‘as a service’ offerings. This has democratized malicious activity to the point where complex attacks requiring high levels of knowledge and resources – once the preserve of advanced persistent threat (APT) groups – are now far more accessible to a wider group of threat actors,” says Alex Holland, Senior
Malware Analyst at HP Wolf Security’s Threat Research team – and author of this report.
These complex attacks are also being fueled by the data breaches that have left billions of personal
credentials available on dark-web markets for minimal sums. Many of the malware variants and exploits that are used in ransomware and data extortion attacks sell for less than $10. It’s perhaps little surprise that the FBI estimates cybercrime losses in the US alone were running at an astonishing $6.9 billion in 2021
“Digital transformation has supercharged both sides of the attack-defense divide.”
Alex Holland, Senior Malware
Analyst at HP Inc
Yet, while it can feel as though the odds are stacked against cyber defenders, there are huge opportunities to improve our defenses. In many ways, it is simply a case of mastering the basics. While the impact of cyberattacks has increased, and tools and techniques have evolved, the key attack vectors have remained relatively unchanged. This presents defenders with the chance to challenge whole classes of threat and enhance resilience.