The increase in cyberattacks against businesses indicates that the age-old perception of cybercriminals being lone hackers conducting attacks may no longer be valid. A recent report suggests that cybercriminals are now part of an organised crime enterprise driven by demands on the dark web and the marketplace.

According to a collaborative research report by BT and KPMG, cybercriminals now function similar to businesses, conducting extensive research on victims and launching successful large-scale attacks by blackmailing and/or bribing employees to gain access to sensitive information.

Mark Hughes, CEO Security, BT, said: "The industry is now in an arms race with professional criminal gangs and state entities with sophisticated tradecraft. The twenty-first century cybercriminal is a ruthless and efficient entrepreneur, supported by a highly developed and rapidly evolving black market. Businesses need to not only defend against cyber-attacks, but also disrupt the criminal organisations that launch those attacks. They should certainly work closer with law enforcement as well as partners in the cyber security marketplace."

Paul Taylor, UK Head of Cyber Security, KPMG, said: "It's time to think differently about cyber risk – ditching the talk of hackers – and recognising that our businesses are being targeted by ruthless criminal entrepreneurs with business plans and extensive resources – intent on fraud, extortion or theft of hard won intellectual property."

According to the report, "digital crime currently costs the world in the region of $400bn every year". It adds that while new malware and malicious campaigns are created and launched "every second", existing and old malicious tools also remain functional, adding more weapons to cybercriminals' arsenal.

Cybercrime ramping up thanks to organised criminal entrepreneurs driven by dark web market demands
Cbercriminals are now part of an organised crime enterprise, delivering to and driven by demands on dark web marketplaces. iStock

Organised cybercrime syndicate

The report sheds light on instances where international police cooperation was necessitated in order to apprehend cybercriminals running massive scam operations. "In December 2015, an Interpol operation that took down call centres in China, Hong Kong, Korea and Vietnam involved law enforcement from more than 23 countries. Fifteen call centres were taken down and 500 people arrested. This not only indicates the scale of the criminal operation but also the effort needed to take effective action," the report states.

Researchers also found that 99% of malware is used only "under one minute" before the codes are changed, in efforts to evade detection. It was also found that recent "botnet takedowns" have put cybercriminals on the offensive, who are now improving their own security and "developing new modus operandi".

Highlighting the need for businesses to not only be aware of existing cybercriminal exploits but also fight back against malicious entities, the report points out: "On a pay-per-use basis, it can cost as little as $0.50 to install malware on individual PCs, and a DDoS attack costs just $5 per hour10 to mount but more than $40,000 an hour11 to defend against.

To take the fight to a well-resourced and sophisticated enemy, sustained by a dark market that develops attack tools and strategies more effectively than legitimate organisations build defences, we must develop a streamlined and coordinated approach that sees businesses working together with law enforcement."