Unmasking the Organised Cybercrime beyond the Hoodies

Unmasking the Organised Cybercrime beyond the Hoodies

Organised crime moving to the digital space to run criminal operations is one key to understanding modern digital security. A clear insight into the Digital Transformation impact on the criminal landscape and Security and Cyber Security is vital to be prepared for the new digital crimes and risk environment. In response to the cybercrime evolution, it is crucial to develop digital security programs that can provide valuable data-driven insights to help cybersecurity teams prevent breaches and safeguard company assets in the digital realm.

We won’t explain the digital revolution here as it is part of our daily lives whether we want it or not. This digital revolution affects almost all aspects of our private and professional lives: devices, apps, social networks, shopping and so on. It has forced to change business models, customer journeys, behaviours and ways of communicating between humans. When was the last time you visited a bank office? That you booked a restaurant by making a call? Do you remember the last time you sent a postcard or a letter? Do you remember when you physically visited a travel agency to book a flight ticket? Now, let’s ask some easy questions: how much do those companies and organisations know about you? Your family? Your children? Your company? Your professional life? Your employees? Your partners?

Another thing that has had such a significant impact on our society is the COVID-19 pandemic. One of the most considerable consequences of the pandemic was the influence on digital transformation. It was, by far, the most crucial accelerator for adopting the digital room as a real space for humans to interact, move and exist. In many countries, digital space became, for an extended period, the only real joint space to socialise, work, and shop, with colleagues, family, and friends. The combination of the pandemic and digital transformation has even changed how we work; now, we talk about hybrid workplaces, home offices, etc., in a completely different way.

This tremendous change might be more accessible or not for people to adapt, but it is here to stay and to develop human relations. There is one “kind of activity” that enjoys and takes advantage of this situation to find a much better position to run their line of business: Organised crime. Regardless of the report we have access to, we will read that organised crime is moving to the digital space.

We’re not talking about the picture of young hackers in a hoodie trying to hack into networks and systems. We are talking about the traditional brutal and heartless organised crime that only cares about money and benefits, regardless of the damage.

We are talking about Ransomware as a Service, organised almost like a company, sextortion using fake videos, organised fraud in so many different forms, selling secrets or data, espionage, using the digital black-market arena to sell access to networks, companies, executives, or any other aspect that might be of interest. They will target hospitals or schools, critical infrastructure or small businesses, or just random attacks based on findings in the digital space; anything that can help to make easy money.

It is not only organised crime moving to the digital space; it is a big part of our lives moving out there. It is in that digital space where digital criminals meet our digital vulnerabilities to exploit them for criminal activities. Organised crime has learned to use OSINT (Open Source Intelligence) and DARKINT (Dark Source Intelligence) to find vulnerabilities to compromise our reputation, systems, networks, businesses or strategies. Those vulnerabilities directly connect to organisations’ operational, reputational, legal and compliance risks.

We should be thankful to the IT Security and Cybersecurity teams that have been and are helping us protect our networks, systems, and information repositories. But we owe them some help to carry out their work in a much more complex world today, not only including the IT World but the whole digital scene where criminal minds meet their targets today. This means around the digital security perimeter involving very much the human factor and the digital footprint of assets (physical, digital, information or IT assets).

This is what we do in Sally. We help cybersecurity teams and professionals to minimise their digital risk exposure using OSINT and DARKINT to find digital vulnerabilities that might be used against them to compromise their networks, systems, business, reputation, etc. We deliver those insights structured and categorised by risks or attack vectors to our customers to enrich and complement their cybersecurity work by seeing their assets from a different perspective. We deliver actionable Intelligence in the form of exposed vulnerabilities highly used by cybercriminals, such as credentials, botnets, info-stealers, leaked documents or malicious domains.

We believe that the whole idea of implementing Intelligence in the information security work is to get ahead of criminals by adopting a data-driven security approach from the outside that will help mitigate the digitally exposed vulnerabilities before they might find them and use them to perform attacks.

We have the knowledge to do it—more than that, we have created our own methodology to implement intelligence processes in a company easily. We have the data; we have access to privileged data from data breaches, such as credentials, botnets, info stealers, PII attributes etc. And we have the company’s people that have implemented Intelligence Operation Centers in several companies and countries. We have the experience and the partnership to do so in small and big companies.