OpenVPN Security Advisory: Dec 14, 2018
Action needed: Important update for OpenVPN Access Server

Cybercrime-as-a-Service

Recap from the August 20th, 2019 CISO/Security Vendor Relationship Podcast

by Lydia Pert

DDoS stands for Distributed Denial of Service and occurs when a single system crashes after being targeted by multiple systems to flood its bandwidth. DDoS attacks are the scourge of IT security, and one-third of all downtime incidents are attributed to DDoS attacks — and thousands happen every day. Are they created by sophisticated Bond-worthy cyber-villians in an underground lair? Probably not. Welcome to the world of cybercrime-as-a-service.

Most people have heard terms such as attacks-as-a-service, malware-as-a-service and fraud-as-a-Service — these phrases are commonly used to describe the practice of facilitating illegal activities for cybercriminals by providing illegal services. Police estimate that a mere one or two-hundred people are behind all of the cybercrime-as-a-service activities, and are the primary source of attack code and services that enable lesser skilled criminals to pay to see their crime of choice come to fruition.

If you can dream up a cybercrime, chances are there is already a service available to make it happen. Anyone can silence a competitor or cause havoc for just a few dollars a month — they just need to have a credit card or Bitcoin ready. As Steve Prentice explained, DDoS attacks can be easily accomplished by leasing access to botnets to exploit company security through phishing or brute force — and also breach unencrypted IoT devices. On top of this are types of software called stressors, which are supposed to be used to test your own company’s defenses, but can be used to illegally target other organizations.

Preventing Cybercrime-as-a-Service Attacks

As long as there are people around to keep these illegal services up-to-date and running, there will be subscribers utilizing them — and this opens the door to a world of crime. So what can business leaders do to protect themselves from these Cybercrime-as-a-Service attacks? Here are five steps that can help reduce the risk:

1. Develop an Attack Prevention and Response Plan

Develop a prevention plan based on a comprehensive security assessment, and have a plan in place for if a breach were to occur. If an attack hits, you won’t have time to get a plan into place — you will need to take immediate action. So it is crucial that you set a plan in advance so that you can handle the situation and recover as quickly as possible.
2. Secure Your Network Infrastructure

Mitigating security threats requires a layered approach — which includes advanced intrusion prevention and threat management systems that combine firewalls, a VPN like OpenVPN Access Server, anti-spam, content filtering, load balancing, and other defense systems. Combining these approaches allows comprehensive network protection to prevent attacks.

3. Practice Basic Network Security

The most basic way to prevent attacks is to prevent as much human error as possible. Employees should be trained on cybersecurity best practices — such as proper password habits, recognizing and avoiding phishing schemes, and how to handle sensitive data. Organizations should also have strong access control in place to reduce human error risk.

4. Maintain Strong Network Architecture

It is crucial to focus on overall network security — your business should ensure network redundancy, which means if one server is breached by attackers, the other servers can handle the extra network traffic. Servers should also be located in different geographical locations whenever possible, to make it more challenging for attackers to target.

5. Recognize the Warning Signs

Be sure to keep an eye out for red flags that could indicate a breach. Slower than usual connections, an increase in phishing emails or popups, mysterious computer behavior, inability to download important updates, and unfamiliar programs running in the task bar are all signs that your organization's systems might have been breached.

Wrapping It Up

At the end of the day, early threat detection is one of the best ways to prevent attacks. Cybercrime-as-a-Service can come in many different forms, and it is critical that potential threats are recognized, identified, and rectified as soon as possible. Any change to your network — no matter how trivial it seems at first glance — needs to be investigated and handled quickly. With proper systems to detect and react to cybercrime-as-a-service attacks, you will have an advantage and be able to keep your organization secure and protected.

Share