September 21, 2017 By Shane Schick 2 min read

The opportunity to commit cybercrime is becoming cheaper than ever, thanks to malware-makers who have adopted the software-as-a-service (SaaS) model, according to a research report from SecureWorks.

Cybercrime Aided by Affordable Malware

In its “2017 State of Cybercrime Report,” SecureWorks highlighted the emergence of malware, which is relatively affordable and available through a wide variety of underground markets.

Even those without a particular skill set in breaching IT systems can now buy tools that could steal information or cause other damage to an individual or organization, the report said. Some of the malware products on offer include spam botnets, binaries that have been precompiled and other tools.

As ZDNet reported, some of the findings in the SecureWorks report suggested that you can access stolen information for less than most people spend on coffee every week. For instance, in some cases it only costs $10 to acquire personal records or credit card data that was lost in a data breach.

Social Engineering and Ransomware Emerge as Largest Threats

Of course, cybercrime can come in many different forms from a variety of malicious actors, but business email compromise (BEC) was among the to threats SecureWorks tracked.

BEC refers to techniques whereby threat actors send a message as though it were coming from a senior executive within an organization demanding the transfer of funds, information or both. It’s a form of fraud based on social engineering that has skyrocketed since last year, based on FBI data cited in the SecureWorks research.

Ransomware continues to gain traction as well, with SecureWorks experts discovering 200 different forms of the cybercrime threat in 2016, SC Magazine pointed out. Some of the variants are better designed than others, of course, but the research pointed to Android smartphones as a growing target.

In its coverage of the SecureWorks report, the Business Standard said that consumers would likely be horrified to find out how inexpensive it has become to carry out cybercrime or purchase data. They would probably be equally alarmed at the complexity of the underground internet of various threat actors.

A low price point and plenty of wares? That’s a bad combination for cybercriminals’ next potential victims.

More from

Government cybersecurity in 2025: Former Principal Deputy National Cyber Director weighs in

4 min read - As 2024 comes to an end, it’s time to look ahead to the state of public cybersecurity in 2025.The good news is this: Cybersecurity will be an ongoing concern for the government regardless of the party in power, as many current cybersecurity initiatives are bipartisan. But what will government cybersecurity look like in 2025?Will the country be better off than they are today? What are the positive signs that could signal a good year for national cybersecurity? And what threats should…

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

2024 trends: Were they accurate?

4 min read - The new year always kicks off with a flood of prediction articles; then, 12 months later, our newsfeed is filled with wrap-up articles. But we are often left to wonder if experts got it right in January about how the year would unfold. As we close out 2024, let’s take a moment to go back and see if the crystal balls were working about how the year would play out in cybersecurity.Here are five trends that were often predicted for…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today