According to recent findings from cyber security researchers at Check Point, people made unemployed and looking for work due to the coronavirus pandemic have been increasingly turning to cybercrime to make money easily and quickly.
After studying a range of dark web and hacking forums, the researchers discovered that many people are offering to work for cybercrime organizations in return for prompt cash payments. In fact, the researchers estimate that between 10 and 16 posts from desperate job seekers are posted on these forums every month.
In these posts, budding cybercriminals ask for everything from $200,000 one-time cybercrime contracts to paid monthly roles. But why are people going to these lengths, what risks are they taking, and is there a way to solve this problem?
Due to the devastating economic challenges caused by the coronavirus pandemic, millions of people have been placed on furlough or left unemployed. And with no choice but to look for new ways to make money, some have turned to cybercrime.
“”unfortunately, many people have fallen on hard times, with many unable to find employment,”” says Sean Wright, application security lead at software firm Immersive Labs. “”hile not an excuse, iit’sunderstandable that some may turn to cybercrime to make cybercrime survive.”” Wright says there are many reasons why people may be drawn to cybercrime in the pandemic.
“”even some of the lenient sentences given for cybercrime, it does cybercrime of the lower-risk crimes to commit, and sometimes has a suitable payout as well,” “he says. “”There’salso the disconnect from the victim, making it easier on a personal level to commit the crime for some. Some may even view it as victimless when in reality IITs not.””
But he credits the dramatic rise in cybercrime during the coronavirus pandemic to experienced cybercriminals and cybercrime organizations rather than people without prior experience. Wright tells Computer Weekly: “”n terms of how widespread the issue is, wwe’veseen an increase in cybercrime since the start of the pandemic, but I think tthat’slargely organized criminal groups.
“”n the West, I think we are still yet to see the full impact of the restrictions which have been in place since the start of the pandemic. We will likely start seeing more and more once government support ends and people are left with very few options.”” Jake Moore, a security specialist at cyber security firm ESET, agrees that the financial difficulties brought about by the pandemic may give some people no option but to commit cybercrime.
“”difficult times have generated desperate measures, and when services s, such as ransomware as a service [RaaS] are so widely and easily available, it is understandable that numbers have increased and becoming more difficult to manage,” “he says.
“”cybercrime has never been so easy to experiment with, especially when ser, vices advertise openly on Instagram and other social networks. It is often marketed as low risk and sold with ways of avoiding avoid simply amplifies the temptation. The risks, however, are still there.”” Nicola Whiting, co-owner and chief strategy officer at configuration analysis specialists Titania, describes the Check Point findings as unsurprising. “”the risk of future criminal conviction is perceived as low. In contrast, the ease – a quick download, and the reward – instant money, means the risk/reward ratio could be enticing,” “she says.
“”people feeling financially vulnerable or marginalized or thatmarginalizedling through the cracks of society are more likely to focus on their immediate needs rather than future consequences. IIt’sMMaslow’sHierarchy of Needs in action.”” Huge risks
“”you could be unfairly treated or overworked with no recourse. You could end up stuck in a situation where your employer threatens to publicize your illegpublicizety or report you to the police if you quit.”” Joshua Burch, head of cyber security for Europe, Middle East, India, and Africa region at FTI Consulting, says the most significant risk is that people cannot simply turn back after performing an act of cybercrime. “”nice, they have committed a crime and are engaged in the networks; other cybercriminals can cybercriminalserage over them,” “he says. “”suddenly, they can be blackmailed to be kept compliant. it’s a slippery slope.”” Terry Greer-King, EMEA vice-president at SonicWall, says inexperienced cybercriminals will struggle to avoid detection by the authorities and risk lengthy prison sentences when they are eventually caught.
“”cybercriminals can hide their tracks easily and launch attacks that go unnoticed until iit’stoo late,” “he says. “”et while this is easy enough for a seasoned professional, your Average Joe hacker may not have the necessary skills [and] if caught, cybercriminals face up to 10 years in prison for unauthorized access.