If there is one takeaway to draw from the world of modern cybercrime, it is how good attackers have become at running their racket. Tools and exploits that were once the domain of the well-funded and technically proficient are now commercially available in bulk to even the most inchoate fraudster. This has produced a thriving marketplace of goods - from point-of-sale malware kits to ransomware-as-a-service - that rival the actual economy, and can enrich both the buyers and the sellers.
In a word, cybercrime has become democratized. If one believes the reward is worth the risk, it is astonishingly simple (and cheap) to join the action to send spam, distribute malware and acquire personal information. But the market is structured in such as a way - with so many different roles and responsibilities - that participants can earn huge amounts of money without ever launching an attack.
Like legitimate companies, cybercriminal enterprises invest in marketing, research, human resources, customer support and sales. They also measure their success through the same performance indicators as your company does, including profit margins, operational efficiency and customer retention. Due to this professionalization, the business of cybercrime has surged to at least a $500 billion-a-year cost center for victims, with projections bordering on the jaw-dropping by the end of the decade.
But what goes up can come down. Like legitimate businesses, cybercriminal organizations are also at the mercy of the market - if they can be undermined through a groundswell of resistance, subversion and sabotage, they won't survive. How can you help put a dent in this market? It starts by making the work of these outfits and their customers harder, and costing them time and money. You can accomplish this through three fundamental ways.
1) Deter Malware
2) Discover and Patch Vulnerabilities
3) Monitor and Detect Threats
As the 2016 Trustwave Global Security Report showed, the cybercriminal underground is fueled by vulnerabilities (from SQL injection to out-of-date Flash software to weak passwords), exploits that take advantage of those vulnerabilities, and malware delivered by those exploits (from ransomware to trojans to rootkits). Preventing malware on the fly without the need of signatures, unearthing and attending to weaknesses across your databases, networks and applications in advance of your adversaries, and detecting intrusions before your data is exfiltrated will help you not only stay secure - but also gnaw away at the very thing that makes you a target in the first place: cybercriminal profits.
Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.