Now They Want Us Well Done or Full-Swing Victimization By Cyber Criminals
OK, so it’s finally happened, as one very talented person sang on a different occasion (though, perhaps, not so different because it is going not-so-slightly mad indeed). There are open head-hunting going on online by cons, scoundrels or what have you, for that is exactly what malicious software makers are. For ransomware is just a new way to get into your pocket – and into your ID in many cases, as well. And they are now practically openly offering boatloads of money (in the region of $100,000, in fact, according to the latest statistics from KELA) and recruiting cyber-middlemen to do exactly that. Only, as it often happens in the trade claiming to be legal, it is phrased in the form of a more respectably sounding euphemism “initial access”. Like we don’t know access to what exactly they want to buy.
But alas, many of us apparently don’t. And that is a significant part of the reason why it all came to that. Being naive is not a crime by any stretch of imagination, but as the time goes by (and life gets more and more digital along the way), it is becoming more and more of a luxury even a private person cannot afford, let alone large companies and corporations. Yet, it turns out, they are increasingly falling victims to the organizations such as the rather transparently named Lockbit or Blackmatter. According to the aforesaid statement by KELA, those groups (and many similar others), while still operating on the darkweb, are looking to, shall we say, purchase their way into well-reputed major market players – first of all American ones, but there is interest expressed in Western European corporations as well – on such a scale that it can now be considered an industry in and of itself. A shadow one, but an industry nevertheless, and, judging by growing demand, there must be quite a supply. (And this sort of clients are now picky as well: the report says they won’t even look at the firms from less lucrative countries, such as Russia or some Eastern European economies, or of less profitable nature, like education establishments or non-commercial foundations).
In other words, they won’t longer even stoop to wasting their precious time and effort on individuals (who knows, maybe the robocalls will at least soon become a thing of the past? yeah, right, we know, fat chance…) They are now practicing a wholesale approach, buying us in droves straight from the manufacturer, so to speak (or a generator, to be more precise). Moreover, to add insult to injury, a very popular way among them to do so is a protocol which we normally actually associate with additional safety: the VPN. Now, the dangers of remote access to our desktops most of us are already more or less aware of now and mostly won’t be giving it away easily to any authoritatively-sounding voice coming from our smartphone (although…) There have been enough articles and speeches explaining how often this vehicle is exploited to make someone rich at your expense (or, quite often, even to make someone else into you, depriving you of your own identity in the process). But when something designed in fact to protect you turns out to be an undercover agent within your computer, about as destructive as any trojan (if not more)… Then again, that’s the nature of any undercover agent – to look friendly while doing its shady job, is it not?
And the worst thing is, those generators, major players, large corporations are turning out not much wiser than we regular Jack and Jills are (which to a point stands to reason, considering that they are, after all, made of people too, up to the highest echelons, and, even more importantly, down to the lowest rank employees who are nevertheless somewhat close to that coveted initial access). Or, if you want to be – perhaps, sometimes justifiably – paranoid, they are occasionally turning out not all that ethical as their codes purport them to be. But in any event, a substantial amount of offers to those handsomely paying access buyers have been discovered online, and the data offered in exchange for this payment come from all kinds of legitimate enough sources, be that e-commerce platforms or supposedly as secure as all get out Microsoft Exchange Servers. OK, we recognize how ironically this last one sounds, but, kidding aside, it is becoming really serious now that you don’t even need to make any careless misstep yourself to get yourself in trouble and your data vulnerable. Unless, of course, we consider any dealing online with any firm, including the most respectable ones, to be a careless undertaking. Which situation seems to be right around the block, ready to materialize, unless something is done soon about companies like Citrix, Cisco, Palo Alto etc., all but making themselves ready-made victims of shady cyber dealers.
Why The U.S. Can’t Stop Cyber Attacks [Video]
Video uploaded by CNBC on June 9, 2021