
Malware Report Sheds Light on Underreported Cybercrimes

February 7, 2018

A New York Times report revealed that law enforcement investigating cybercrimes can face many challenges including incomplete data, outdated statistical categories, and a lack of funding for cyber divisions. These problems hinder the solving of not just digital crimes, but of real-world crimes with a cyber aspect — such as illegal fentanyl sales distributed through the dark web.

An illustrative example is the “cheating husband” scheme. Swindlers compose a message that threatens to expose a husband’s infidelities unless a ransom is paid. The scammers send the email to thousands of people, hoping to find a guilty and gullible victim among them. Unfortunately for the police, people who fall prey to these schemes rarely report the crime due to embarrassment. In this particular instance, one of the targets of the scheme contacted the Nashville Police Department.

However, even when victims report these crimes, local police departments don’t have a method of tracking or warning other jurisdictions about them. The FBI created the Internet Crime Complaint Center in 2000, but Donna Gregory, who heads the center, admitted only about 10 percent of cybercrimes are ever reported.

To make reporting easier and more uniform, the National Academies of Sciences, Engineering, and Medicine are currently working to modernize local and federal crime-classification systems. The hope is that with better data, local police departments and the FBI will be able to better address cybercrimes.

Cybersecurity companies can offer greater insight into the world of internet crime.

Law enforcement agencies may be overwhelmed by the breadth of digital crimes occurring, but IT security firms must stay ahead of hackers to remain in business. Their daily work detecting and stopping attacks leaves them with a trove of valuable data.

Malwarebytes recently released their 2017 fourth quarter report on the evolving tactics and techniques of hackers. The report detailed shifting but unrelenting threats from cybercriminals. For instance, after the major ransomware attacks last year, development and distribution of that particular type of malware slowed. In its place, attackers deployed spyware, banking trojans, and hijackers — all of which are designed to steal sensitive data and distribute more malware.

Mining has increased as cryptocurrency grows in popularity and value.

Bitcoin and a multitude of newer digital currencies have received increasing media attention as their prices skyrocketed and then crashed. While the cryptocurrency market has lost about half of its value since mid-December, many investors see this as a simple correction due to overzealous buyers late last year. Cryptocurrency is here to stay, and there is money to be made from it.

Of course, that means cybercriminals are getting in on the game. Sophisticated hackers have found vulnerabilities in cryptocurrency code to steal vast sums of digital money. That’s what happened to Japan’s Coincheck, which was taken for $534 million in a late-January heist.

However, there’s a more mundane way of making cryptocash that’s on the rise — mining. Cryptomining occurs when people volunteer computing power to a cryptocurrency’s network. In exchange for running software that validates transactions, miners occasionally earn coins. Hackers have invented a method called drive-by mining to receive the rewards of cryptomining while using unwilling victims to provide the computing power.

These drive-by mining programs can run on a computer without the victim ever knowing it (except for seeing a decrease in computer speed). Malwarebytes claims to have blocked over 100 million drive-by mining attempts in a single month, which means this is a major new threat for security firms.

The report’s 2018 predictions indicate that consumers and businesses must remain vigilant.

Malwarebytes believes that drive-by cryptocurrency mining will continue as long as digital currencies keep their value. The security firm also warns that hackers could use the Internet of Things to mine cryptocurrency as well as perpetrate DDoS attacks. Finally, the report’s authors believe the use of leaked exploit code seen in 2017 will continue this year unless the governments that discover the vulnerabilities begin disclosing them.

The ever-shifting tactics of hackers show how hard a job the National Academies of Sciences, Engineering, and Medicine have in codifying a classification system for cyber-attacks. However, without recording and sharing this information in a formalized way, law enforcement will continue struggling to keep up with cybercriminals.