Menace 2 The Wires: Advances in the Business Models of Cyber Criminals

Today, the profits generated by cybercrime worldwide are somewhere between $50 billion and $100 billion per annum, flirting with the revenues yielded by the 'historic' business of trading illegal drugs.
However, as the public becomes aware of the situation, user education and global security policies tend to improve as well. To sustain profitable balances - or simply to optimize their gains - money-driven cyber criminals are pushed to innovate, to polish their social engineering methods and to go as far as taking physical action to implement their business logic. While companies are not spared, their targets of choice remain the average user. You, me, anyone.
While 'Dirty Money on the Wires' [1] was a snapshot of the most 'traditional' business models among the cyberunderground scene over the past two years, this paper will go deeper underground, closer to the culprits: based on quantified data, light will be shed on new - or anticipated - business models, following the evolution of cyber criminals as we are entering the Web 2.0 era, and as borders between crime and cybercrime become thinner every day.


Today, the profits generated by cybercrime worldwide are somewhere between $50 billion and $100 billion per annum, flirting with the revenues yielded by the 'historic' business of trading illegal drugs.
However, as the public becomes aware of the situation, user education and global security policies tend to improve as well. To sustain profitable balances - or simply to optimize their gains - money-driven cyber criminals are pushed to innovate, to polish their social engineering methods and to go as far as taking physical action to implement their business logic. While companies are not spared, their targets of choice remain the average user. You, me, anyone.
While 'Dirty Money on the Wires' [1] was a snapshot of the most 'traditional' business models among the cyberunderground scene over the past two years, this paper will go deeper underground, closer to the culprits: based on quantified data, light will be shed on new - or anticipated - business models, following the evolution of cyber criminals as we are entering the Web 2.0 era, and as borders between crime and cybercrime become thinner every day.

References

Virus Bulletin Conference 2007