Unleashing the Hidden World of Cybercriminals: The Growing Threat of Cybercrime-as-a-Service

Unleashing the Hidden World of Cybercriminals: The Growing Threat of Cybercrime-as-a-Service

Welcome to Razorwire, the podcast where we cut through the tangled web of cybersecurity to bring you the latest insights and expert analysis. Victor Acin and Oliver Rochford, two esteemed guests, are with me in today's episode.
In this episode, we’re exploring the dangerous world of cybercrime as a service and its implications for individuals, organizations, and even nation-states.
Join us this week as we unveil the dark side of cybercrime. Victor, the Head of Threat Intelligence at Outpost 24, shares his expertise on the rise of cybercrime as a service. Discover how cybercriminals have adapted their tactics, the motivations driving their actions, and the alarming ease with which they operate.
Stay ahead of the game with insider knowledge from Oliver's research, where he discusses the striking similarities between cybercrime services and legitimate tech services. Learn about the techniques used by cybercriminals to infiltrate organizations and exploit their vulnerabilities.
Whether you're a seasoned professional or just starting your cybersecurity journey, this episode offers some excellent, practical advice for strengthening your defences. We share some effective ways to protect against credential theft, insider threats, and targeted attacks. Hear about tried and trusted remedies recommended by our experts that can make a significant impact on securing your organization.
So, if you're a cybersecurity professional looking to expand your knowledge and sharpen your skills, join us on Razorwire as we unravel the intricate world of cybercrime as a service.

In this episode, we covered the following:

  • The evolution of cybercrime into an as-a-service model, where specialised services and infrastructure are available to carry out different elements of cyberattacks
  • The low barriers to entry for new cybercriminals of this business-like model
  • The recent rise in credential theft through the use of simple malware toolkits which allow even unskilled cybercriminals to distribute malware and steal credentials at scale
  • Established cybercrime groups that offer ransomware and even entire cyberattack infrastructure in an as-a-service model. This comes complete with support services for affiliates conducting attacks
  • The flexibility offered to cybercriminals from a modular services model which offers mix and match attack components from different providers specialising in access, malware, ransomware, money laundering etc.
  • How cybercriminals choose, or decide against, their victims
  • How the rise of untraceable cryptocurrencies has removed obstacles to monetising and laundering profits from cybercrime, fuelling growth
  • Whether or not having easy access to cybercrime services could facilitate corporate espionage and what examples we have
  • The importance of threat intelligence - understanding the motives, tools and trends in cybercrime is vital context for effectively securing against the evolving threat landscape

GUEST BIOS

Oliver Rochford
Oliver has worked in cyber security as a penetration tester, consultant, researcher, and industry analyst for over 20 years. Interviewed, cited, and quoted by media, think tanks, and academia, he has written for SecurityWeek, CSO Online and Dark Reading. While working at Gartner, he co-named the Security Orchestration, Automation and Response (SOAR) market, worked on the SIEM Magic Quadrant, and also covered the European MSSP Market. In past lives, Oliver worked for Qualys, Verizon, Gartner, Tenable and Securonix and is currently Chief Furitist at Tenzir, where he works on product strategy and marketing.

Victor Acin
Victor Acin has been working in threat intelligence since 2016 and is now leading the Kraken Labs unit at Outpost24, performing tasks related to the generation of threat intelligence (mainly reverse engineering of malicious samples and research of global actors) and the development of the department's internal products, such as the malware analysis sandbox. In addition, he has also worked as an ethical hacker, performing penetration tests against web applications, external and internal infrastructure, and mobile devices.

Other episodes you'll enjoy

Lessons from an InfoSec Icon: A Fireside Chat with PCI Guru Jeff Hall
https://www.razorthorn.com/lessons-from-an-infosec-icon-a-fireside-chat-with-pci-guru-jeff-hall/

Cyber Insurance: Does It Create More Problems than it Solves?
https://www.razorthorn.com/cyber-insurance-does-it-create-more-problems-than-it-solves/

For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.

Linkedin: Razorthorn Security
Youtube: Razorthorn Security
Twitter: @RazorThornLTD
Website: www.razorthorn.com