Just yesterday I wrote an article called How Smartphones Are Phished & How To Avoid It. As cyber crime and computer security continue to dominate the news and the Twitter stream, we have the opportunity to learn more about how it works and how web criminals operate their businesses.
Until recently, I’ve never really thought about the personal aspect of cyber crime as it relates to the criminal. When I think about it, I always think about the victim, and I rarely ever even imagine what the person committing the crime looks like. Believe it or not, these criminals are not all young, street smart, technical wizards wearing a black mask and operating out of their basement. As a matter of fact, most of them are not making a ton of money off their attacks, contrary to what we might envision.
It’s an industry with a hierarchy just like any other. The big criminals hire the little criminals to do their dirty work, and unless you’ve worked your way up the cyber crime food chain, it’s not a glamorous job that pays a lot of money. Right now, the going rate for hacking 1,000 email accounts is $5. For distributing a denial-of-service attack that disables a website for an hour, you will get paid about $8. Solving 1,000 captchas is only worth $1. The underbelly of the cyber crime scene is suddenly looking even more destitute and desperate, isn’t it?
Just this past week, Stefan Savage gave an incredible one-hour presentation about the current state of cyber crime at the annual USENIX technical conference. The video of this funny and very educational speech was just posted to YouTube, and I wanted to share it with you right away. Whether you are the Webmaster of a very successful site or an individual who wants to know how the whole process works, you will find this to be very informative.