Why are there so many data breaches? A growing industry of criminals is brokering in stolen data


PTI, Oct 30, 2022, 11:53 AM IST


New details have emerged on the severity of the Medibank hack, which has now affected all users.

Optus, Medibank, Woolworths, and, last Friday, electricity provider Energy Australia are all now among the household names that have fallen victim to a data breach.

If it seems like barely a week goes by without news of another incident like this, you would be right. Cybercrime is on the rise – seven major Australian businesses were affected by data breaches in the past month alone.

But why now? And who is responsible for this latest wave of cyber-attacks? In large part, the increasing number of data breaches is being driven by the growth of a global illicit industry that trades in your data.

In particular, hackers known as “initial access brokers” specialize in illegally gaining access to victim networks and then selling this access to other cybercriminals.

The cybercrime ecosystem

Hackers and initial access brokers are just one part of a complex and diversifying cybercrime ecosystem. This ecosystem contains various cybercriminal groups who increasingly specialize in one particular aspect of online crime and then work together to carry out the attacks.

For example, one of the fastest-growing and most damaging forms of cybercrime – ransomware attacks – involves malicious software that paralyzes a victim’s device or system until a decryption key is provided following the payment of a ransom.

Ransomware attacks are big business. In 2021 alone, they earned cyber criminals more than USD 600 million. The huge amounts of money to be made in ransomware and the rich abundance of targets from all around the world are fostering the development of a vast ransomware industry.

Ransomware attacks are complex, involving up to nine different stages. These include gaining access to a victim’s network, stealing data, encrypting a victim’s network, and issuing a ransom demand.

Specialist criminals

Increasingly, these attacks are carried out not by lone cybercriminal groups, but rather by networks of different cybercrime groups, each of which specializes in a different stage of the attack.

Initial access brokers will often carry out the first stage of a ransomware attack. Described by Google’s Threat Analysis Group as “the opportunistic locksmiths of the security world”, it’s their job to gain access to a victim’s network.

Once they have compromised a victim’s network, they typically sell this access to other groups who will then steal data and deploy the ransomware that paralyzes the victim’s computer systems.

There is a massive and growing underground market for this type of crime. Dozens of online marketplaces on both the dark web and surface web offer services from initial access brokers.

Their access to companies can be purchased for as little as US$10, although more privileged, administrator-level access to larger companies often commands prices of several thousand dollars or more.

Responding to the growing cyber threat

Over the past month, we have seen several instances of cyber criminals forgoing actual ransomware. Instead, they sought to directly extort companies by threatening to publicly release any data they have stolen.

While not as devastating as a ransomware attack, data breaches can cause serious financial and reputational damage to an organization (just ask Optus chief executive Kelly Bayer Rosmarin), not to mention major problems for any customers or clients who now have their private information released online.

In the final six months of 2021, more than 460 data breaches were reported to government authorities. Even more worryingly, this number is almost certainly an underestimate.

While companies with a turnover of more than AUD 3 million are required by law to report data breaches involving personal information, most small businesses are not subject to mandatory reporting laws.

Therefore, they have little incentive to report a data breach that could scare off customers and damage their brand.

Taking action against cybercrime

So what can we do about it? In the first instance, companies need to rethink their approach to data. Data should be treated not simply as an asset that can be freely held and traded in, but also as a liability that needs to be carefully protected.

Some experts are calling for Australia to follow the European Union’s approach and introduce stricter corporate regulations that better protect consumer data.

This week the federal government also introduced plans to fine companies that do not maintain sufficient cyber security and suffer repeated data breaches.

Reforms like this could help, particularly in preventing relatively unsophisticated data breaches, like the one that recently affected Optus.

On the other hand, punitive fines towards victims could further strengthen the hand of entrepreneurial cyber criminals – they could try to leverage these fines to further extort their victims.

There is no silver bullet for the threats posed by cybercriminals. At a minimum, both government and industry must continue to work together to improve our cyber defenses and resilience. Through research, we must also work to better understand the global cybercrime ecosystem as it continues to evolve.

 

By James Martin, Senior Lecturer in Criminology, Deakin University, and Chad Whelan, Professor of Criminology, Deakin University (The Conversation)
