VIEW 15
Hacking return on investment
Targeted or random?
The dark web has developed so fast that you can now conceive of it as an economy in its own right. If the dark web were a country, then Ireland would be a good proxy with a population of 5m and a GDP of $350bn (7). The dark web has its own central bank in the form of Bitcoin which has daily transaction volumes of $11bn. Of this, maybe 10% represents illegal activity rather than currency speculation.
As in a developed economy, there is a high degree of specialisation in the dark web with the formation of complex supply chains. So, for example, an expert in crafting phishing emails with a high click rate, sells them on to a ransomware expert who has previously bought a malware kit from another third party. Any data that is successfully exfiltrated can then be sold on again to an outfit that specialises in handling stolen credit card details. This is a mirror of the real economy where the transformation of raw materials into finished goods for consumers is a journey that passes through many intermediaries.
Honour amongst thieves
Maybe the most surprising thing about the dark web is the discovery that there is in fact honour amongst thieves. A study of the dark web by the London School of Economics in 2017 found that online satisfaction ratings for shops on the dark web were extremely high, with a negativity rate of less than 3%. As with Amazon and eBay, reputation for online shops is everything even if what they are selling is illegal. Even more surprising are the online help desks, if the malware kit you purchased does not work you can call the vendor for support, just as you can with Microsoft.
The sophistication of the dark web economy means that hacking is best comprehended as a return on investment equation. The costs of multipurpose hacking tools - kits that enable you to steal data from a small company with rudimentary cyber defences - have fallen dramatically in recent years. What used to cost thousands of dollars can now be bought on the dark web for little more than $100. Conversely, developments in crypto currencies and an increasingly sophisticated distribution chain have increased demand for stolen data pushing sale prices up. This means the return on investment for a cybercriminal has been improving from both ends.
It is possible we are close to a turning point in this cycle. The huge supply volume of stolen data now offered for sale has meant prices have begun to fall. In addition, the increased capability of cyber defences through biometrics and two factor authentication have required more sophisticated, and therefore more expensive, hacking tool kits.
