This week I learned about a new and terrifying way that hackers are conducting their attacks against us, and that is through the concept of ‘cybercrime-as-a-service’. A great article produced by zdnet found here walks through a cybercrime-as-a-service named BlackTDS that allows cybercriminals to learn their trade and be assisted in their attacks utilizing a variety of different means. As zdnet points out, this could include “hosting and configuration of the components of a sophisticated drive-by attacks, as well as support for social engineering” (Palmer, 2018). While these features are scary enough, BlackTDS offers their services at a relatively low cost allowing a much smaller barrier of entry for those wishing to do these. It appears that this site began to advertise that it could do these services around the end of the year, and also deliver their attacks through fake updates from major software companies.
Some takeaways I got after reading this article was that we need to do our best to shut down these types of sites as soon as they are uncovered. While many of these sites are situated on foreign soil, we should be reaching out to countries to help in shutting these criminals down and removing their site from the internet. The next big take away from all of this is making sure that any software update you receive from any company is first verified to be from the company you think it is. This can be a bit hard as most updates are received from automatic installers, but we should do our best to verify that these automatic installers are legit, and do not install any updates to any software from a random site that is not the original software site.
Sources Cited: Palmer, D. (2018, March 15). Cyber-crooks find a new way to share malware and scams. Retrieved March 16, 2018, from http://www.zdnet.com/article/cyber-crooks-find-a-new-way-to-share-malware-and-scams/#ftag=RSSbaffb68
No comments:
Post a Comment