Light Dark
September 21, 2017 By Shane Schick 2 min read

The opportunity to commit cybercrime is becoming cheaper than ever, thanks to malware-makers who have adopted the software-as-a-service (SaaS) model, according to a research report from SecureWorks.

Cybercrime Aided by Affordable Malware

In its “2017 State of Cybercrime Report,” SecureWorks highlighted the emergence of malware, which is relatively affordable and available through a wide variety of underground markets.

Even those without a particular skill set in breaching IT systems can now buy tools that could steal information or cause other damage to an individual or organization, the report said. Some of the malware products on offer include spam botnets, binaries that have been precompiled and other tools.

As ZDNet reported, some of the findings in the SecureWorks report suggested that you can access stolen information for less than most people spend on coffee every week. For instance, in some cases it only costs $10 to acquire personal records or credit card data that was lost in a data breach.

Social Engineering and Ransomware Emerge as Largest Threats

Of course, cybercrime can come in many different forms from a variety of malicious actors, but business email compromise (BEC) was among the to threats SecureWorks tracked.

BEC refers to techniques whereby threat actors send a message as though it were coming from a senior executive within an organization demanding the transfer of funds, information or both. It’s a form of fraud based on social engineering that has skyrocketed since last year, based on FBI data cited in the SecureWorks research.

Ransomware continues to gain traction as well, with SecureWorks experts discovering 200 different forms of the cybercrime threat in 2016, SC Magazine pointed out. Some of the variants are better designed than others, of course, but the research pointed to Android smartphones as a growing target.

In its coverage of the SecureWorks report, the Business Standard said that consumers would likely be horrified to find out how inexpensive it has become to carry out cybercrime or purchase data. They would probably be equally alarmed at the complexity of the underground internet of various threat actors.

A low price point and plenty of wares? That’s a bad combination for cybercriminals’ next potential victims.

 |  |  | 
Shane Schick
Writer & Editor

More from

July 26, 2024

Hive0137 and AI-supplemented malware distribution

12 min read - IBM X-Force tracks dozens of threat actor groups. One group in particular, tracked by X-Force as Hive0137, has been a highly active malware distributor since at least October 2023. Nominated by X-Force as having the “Most Complex Infection Chain” in a campaign in 2023, Hive0137 campaigns deliver DarkGate, NetSupport, T34-Loader and Pikabot malware payloads, some of which are likely used for initial access in ransomware attacks. The crypters used in the infection chains also suggest a close relationship with former…

July 25, 2024

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

July 24, 2024

Crisis communication: What NOT to do

4 min read - Read the 1st blog in this series, Cybersecurity crisis communication: What to doWhen an organization experiences a cyberattack, tensions are high, customers are concerned and the business is typically not operating at full capacity. Every move you make at this point makes a difference to your company’s future, and even a seemingly small mistake can cause permanent reputational damage.Because of the stress and many moving parts that are involved, businesses often fall short when it comes to communication in a crisis.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature