While the true direct cost of cyber crime may be open to debate, there is little doubt that profits are being made by stealthy, motivated and organized hackers, while law-abiding “cyber citizens” continue to be on the losing end. Bank and credit fraud continue unabated, and while the public has gotten somewhat smarter about refusing the age-old bait that exposes them to attack, cyber crime has grown to epic if not epidemic proportions, prompting agencies like the FBI to give it top billing as a national threat. Money continues to be siphoned from banks at a disheartening rate as indicated by the American Bankers Association. The most recent Account Takeover Survey sees the number rising steadily, with 314 accounts re-
ported hacked in the first half of 2011.
Yet the question remains, just how much money is being gained by these hackers, the ones who directly target online capital? Are they really growing wealthy from these illicit gains, or are they getting by on what might be considered, in the end, a “working man’s” wage? Are the risks worth the reward for these criminals, or do they spend their days in constant worry that their next hack or black market identity sale may be their last?
According to a recent report, cyber crime (as a whole) comprises a 12.5 billion dollar business worldwide, and the preponderance of the industry resides in Eastern European countries. The report, released by Group-IB, a leading Russian cyber crime investigation unit, says that of the total market, Russians and Russian speakers make up nearly one half. Where once these criminals were scattered and dispersed, largely working solo, they have purportedly consolidated into organized groups, and generate their funds primarily through online fraud, spam and “C2” (cybercrime to cybercrime) services. By deploying crimeware such as the Zeus or SpyEye Trojans, these hackers are not only able to directly access automated clearing houses, bank accounts and point of sale systems, but also make their money by hijacking computers worldwide to surreptitiously host bots and serve as spamming and
More you will find at http://pentestmag.com/scada-as-pentest-0612/