The Mind of the Misunderstood Cybercriminal
There are a number of misconceptions about cybercrime and those who engage in it. To a cybercriminal, there is no target that is special unless they have a grudge or beef with a particular entity, and as a rule, they will often cast their net wide and then move to attack the easiest prey they find.
Security specialists must never underestimate the actions of a cybercriminal. Records are easily shared and sold, and they are highly valued. This is especially the case when personal and medical information is the focus.
Any plan that the security professionals design must be focused on these types of crimes. They must also be aware of any upcoming threats and ensure that all proper backups of data are in place.
What are the Common Misconceptions Associated with Cybercrime and Cybercriminals
The most common misconception about cybercriminals that is often observed is that these people have diverse experience and skills, which allow them to initiate a huge range of cyberattacks. This would mean that they would earn a large amount of money as a result. However, the truth is, many of the cybercriminals out there use automated software, which means they don’t require much training at all. According to a recent survey, the vast majority only make from $1,000 to $2,000 a month. But as many as 20 percent of cybercriminals are making more than $20,000 a month.
Who are the Criminals Behind Cyber Crimes?
For the most part, those who commit cybercrimes have a clean criminal record and do not have any ties to any organized groups. These criminals usually also have a stable job during the day and participate in these cybercrimes in their free time. Often, these people are introduced to cybercrimes during college, and many remain active in the industry for several years after they begin.
The other cybercriminals have a bit of a different background. These people belong to cybercriminal syndicates that work within a hierarchy. There are highly skilled members of these groups, and each have certain responsibilities to ensure the success of their organization.
Generally, these groups are controlled by a “boss,” who is the mastermind. They are typically highly educated, intelligent, and some are often connected with the banking industry, as they must arrange for things like money laundering. Additionally, these groups often include people who are professional forgers, as they often require fake documents to serve as paperwork to “prove” their schemes, and then the group needs those skilled in hacking, software engineering, and other technical operations. Some of the groups also include those familiar with law enforcement, as they are skilled with things such as gathering information and counter-intelligence.
What is often so surprising is that members of these groups are often highly respected members of their communities, and many are seen as successful people in business. These people are also often connected to hospitality, real estate, or the automotive industry.
These people do not think of themselves as regular criminals, and they rarely cross paths with others whom the general public might deem as “criminal.” They usually hide in the shadows and avoid any actions that might bring attention to them.
To avoid all of this, it is best to use the assistance of a professional. They are familiar with how these communities run and how they react to certain actions. There are a number of way to research the dark web in a secure and safe manner without risking the integrity of your organization, but the professionals are best for this job. It is also important for businesses to utilize security teams. This ensures that they are capable of obtaining the data and stimulating the environment.
Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.