EN
New research presented during Black Hat 2021 in Las Vegas on Wednesday reveals the important role of amateur, and amateurish, players in sustaining the cybercrime ecosystem.
The cybercrime underground is often portrayed as driven by a small number of highly motivated and capable actors with criminal intent — bot herders, ransomware masterminds and spy chiefs. But new research suggests it is sustained by a huge penumbra of individuals simply trying to earn a living off the internet — a portion of whom over time drift into criminal activity.
“What we conclude from our analysis is that there is a large informal workforce evolving at the periphery of the malware industry that is necessary to its operation,” Masarah Paquet-Clouston, a security researcher for GoSecure, told a virtual session at the Black Hat security conference in Las Vegas Wednesday.
She compared these “drifters,” moving from the informal economy to the cybercrime ecosystem, to the street level dealers and enforcers — often drug addicts themselves — who make the operations of transnational drug cartels possible. “They’re not the masterminds behind … the cartels. But if we take them off the streets, maybe we can tackle the [drug] problem differently,” she said.
