Get your sinister laugh ready…for only $34 a month, you too can be a bad guy. According to the new cyber report from Deloitte, the entry level cost to enter a life of cyber-crime is so shockingly low that just about anyone can jump on the evil bandwagon.
According to KnowBe4, “When you picture a cybercriminal organization today, you should be thinking about a group of individuals who run their operations like a business; concerned with profit and loss, looking for ways to execute as inexpensively as possible, while yielding the largest return. But what you don’t necessarily need to have in that vision is an organization with a large cash reserve.”
Deloitte’s recent report, Black-market ecosystem: Estimating the cost of “Ownership”, suggests that the cost of running a campaign is so low, it’s downright reasonable as a business model for even the smallest cybercriminal business.
At this cheap price, I could get my nails done or hack a few businesses on a Saturday afternoon.
Here are the entry level costs:
The numbers lead us to a few conclusions:
Crime Will Spread: Cybercriminals have discovered the franchise model. They are now in the business of building evil tools and selling off their use. Ouch…
Lines are Blurring Between Good and Bad: It’s incredibly cheap for anyone wanting to engage in cyberattacks to do so without incurring a ton of cost up front. This incentivizes desperate people in suffering economies to choose to forage instead of to produce-to pick crime instead of a life of integrity.
Security is Never More Crucial: Gone are the days of hiring your 20 year old nephew to handle your IT. Simple security measures will no longer cut it.
Cybercriminal organizations are in the market competing for the sales of their criminal products(just like the good guys) – and that means they are developing the most effective and impactful bad guy software possible, and improving on it daily.
What to do?
To combat the cyber crime invasion, businesses need to have a layered defense in place that includes protecting the entire perimeter (email and internet), the endpoint (anti-virus, endpoint protection, etc.), and the user (with Security Awareness Training). Using a multi-layered defense that includes the user, organizations reduce the risk of the majority of attacks that rely on social engineering (e.g., phishing, vishing, and smishing) to compromise endpoints or users.
Because money is no longer a barrier to hackers and the threat of crime is increasing daily, organizations need to be more prepared than ever to defend their business.
If you need assistance with a cybersecurity plan for your business give DarkHound SecOps a call at 714-463-6145 or contact us at [email protected]