New Juniper-Sponsored Research by RAND Corporation on Cyber Black Markets Finds a Mature Economy Mirroring the Innovation and Growth of a Free Market
India, Bangalore – March 25, 2014 – Juniper Networks (NYSE: JNPR), the industry leader in network innovation, finds the cyber black markets have a mature economy with characteristics akin to those of a thriving metropolitan city. A new global report, sponsored by Juniper Networks and conducted by the RAND Corporation, reveals several economic indicators that cyber black markets have reached unprecedented levels of maturity and growth.
While there has been significant research measuring different parts of the hacker black markets, RAND’s report, “Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar,” examines for the first time these markets in their entirety and applies economic analysis to better understand how they function. RAND found significant levels of economic sophistication, reliability, accessibility and resilience in the products, distribution channels and actors involved in the black markets.
RAND’s report, confirmed by Juniper’s vast experience in the network security ecosystem, suggests the cyber black markets are a mature and growing multi-billion-dollar economy with a robust infrastructure and social organization. RAND found these black markets, like any other economy, react to market forces like supply and demand, and continue to evolve.
Juniper Networks likens the hacker black markets to a thriving metropolitan city with diverse communities, industries and interactions.
Storefronts – Like other forms of e-commerce, many data records, exploit kits and goods are bought and sold from storefronts — which can encompass everything from instant messaging chat channels and forums to sophisticated stores. RAND found some organizations can reach 70 to 80,000 people, with a global footprint that brings in hundreds of millions of dollars.
Service Economy – RAND found that not only goods, but criminal services are available for purchase. These tools, sold on the black market as traditional software or leased like any other managed service, can help enable the most unskilled hackers to launch fairly elaborate and advanced attacks. For example, RAND found botnets, which can be used to launch a Distributed Denial of Service (DDoS) attack, are sold for as low as $50 for a 24-hour attack.
Hierarchal Society – Much like a legitimate business, RAND found it takes connections and relationships to move up the (cyber) food chain. Getting to the top requires personal connections and those at the top are making the lion’s share of the money.
Rule of Law – There is indeed honor among thieves. RAND found many parts of the cyber black market are well structured, policed and have rules like a constitution. In addition, those who scam others are regularly banned or otherwise pushed off the market.
Education and Training – RAND identified widely available tools and resources on the black markets that teach criminals how to hack, including instructions for exploit kits and where to buy credit cards. This access to training has accelerated sophistication, a broader set of roles and has helped facilitate entry into the hacker economy.
Currencies – Transactions in the cyber black markets are often conducted by means of digital currencies. Bitcoin, Pecunix, AlertPay, PPcoin, Litecoin, Feathercoin, and Bitcoin extensions such as Zerocoin are a few. RAND found many criminal sites are starting to accept only digital crypto currencies due to their anonymity and security characteristics.
Diversity – While RAND found cybercriminals from China, Latin America and Eastern Europe are typically known for quantity in malware attacks, those from Russia tend to be thought of the leader in quality. RAND also found areas of expertise and focus among different countries. Many Vietnamese criminal groups, for example, mainly focus on e-commerce hacks. Cybercriminals from Russia, Romania, Lithuania and Ukraine focus on financial institutions. Many Chinese cybercriminals specialize in intellectual property. And U.S.-based cybercriminals primarily target U.S.-based financial systems. In addition to a diverse set of cybercriminals, RAND also found more cross-pollination between these groups than ever before.
Criminals – Even the criminal cyber black market has criminals. Known as “rippers,” these specific bad guys do not provide the goods or services they claim.
The research report, “Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar,” is based on in-depth interviews conducted by RAND between October and December 2013, with global experts who are currently or formerly involved in the market, including academics, security researchers, reporters, security vendors and law enforcement. It is the first of a series of reports from RAND that are sponsored by Juniper Networks.
“The security industry, government and legal communities must come together to establish new norms for how companies can more vigorously defend themselves against cyber-attacks. We must address the root cause behind the accelerated maturation of the cyber-crime market — the very economics that drive its success. By disrupting the economics of hacking we can break the value chains that drive successful attacks. We must never lose the moral high ground, however, so we cannot go on the offensive and hack back, but we can no longer remain passive. By using forms of active defense such as intrusion deception we can identify, thwart and frustrate attackers. Active defense is a promising and exciting approach for addressing the rapidly evolving threat landscape.”
Nawaf Bitar, senior vice president and general manager, security business, Juniper Networks
Juniper Networks Executive Summary: From Underground City to Thriving Metropolis – An Economic Analysis of the Cyber Black Market
RAND Corporation Report: Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar
RAND Corporation Press Release
Interactive Timeline: A Decade in the Making – Cyber Black Market Maturity
Blog Post & Graphic: Black Market Prices: The Decline of Credit Cards and the Rise of Twitter
Blog Post: Making a Choice for Good over Evil; the Conundrum Facing Today’s Tech Geniuses
Insight into the World of Hacker Economics – Webcast Registration
The Next War Will Be Fought in Silicon Valley – Nawaf Bitar RSA 2014 Keynote