The Cyber Crime

Ecosystem
Dr Ram Kumar G, PhD, CISM, CRISC, PMP Topic 4
Cyber Security & Risk Leader
Overview 1.5 hours

• Cyber Crimes is Global Business

• Cyber Crime-as-a-Service
• How Cyber Crime Money is Stored?
• The Business of Cyber Crime
• Cyber Crime Price List
• What is Surface Web, Deep Web and Dark Web?
• Value of Personal Data
• Knowledge Check

2
Changing Attacker Profiles

State Sponsored
Organized Crime

• Cyber war, state

Hacktivist secrets, industrial
• Vandalism
espionage
• Fame and notoriety • Limited technical • Economic gain • Highly sophisticated
• Limited technical capabilities • Significant technical • Nearly unlimited
resources resources and resources
• Known exploits • Statement capabilities • Advanced persistent
• Relentless, • Established threats
emotionally syndicates
Criminal committed • Adware, crimeware,
• Vast networks IP theft
• Targeted attacks
Recreational

INCREASING RESOURCES AND SOPHISTICATION

The expansion of attacker types, their resources, and their sophistication.
Cyber Crime overtakes Drug trade!

4
Cyber Crime is multi-trillion $ business

5
6
Cyber Crime is Booming…

https://securityboulevard.com/2021/03/cybercrime-to-cost-over-10-trillion-by-2025/

7
Source: https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
8
Cyber Crime Costs keep Increasing…
10
11
12
Cyber Crime Ecosystem

13
Cyber Criminal Ecosystem

14
They also have hierarchy!

15
16
17
Cyber Crime Sales Funnel

18
19
20
How Cyber Crime Money is Stored?

21
22
23
24
25
26
Dark Web Monitoring Information Types

Even Facebook has gotten in on the dark web, creating a version

of their site accessible via the Tor network, to let individuals living in areas
where Facebook is blocked gain access to the social network.

• Malware and Exploit Kits

• Credit Cards

• Login Credentials

• Files for Sale

• Scam Tools

• Tutorials

• Insider Threat for Hire

28
Cyber Crime-as-a-Service (CaaS)

29
34
35
36
37
News from the real world…

https://www.teiss.co.uk/533m-facebook-users-data-leaked-dark-web/

https://www.healthcareitnews.com/news/who-warns-about-fake-covid-19-vaccines-dark-web 38
Cost of Cybercrime

https://www.helpnetsecurity.com/2020/08/28/global-cost-of-cybercrime-per-minute/
39
40
What is PII?

Personally identifiable information (PII) is any data that can be used to

identify a specific individual.

Social Security numbers, mailing or email address, and phone numbers

have most commonly been considered PII, but technology has
expanded the scope of PII considerably.

It can include an IP address, login IDs, social media posts, or digital

images. Geolocation, biometric, and behavioral data can also be
classified as PII.

41
42
43
44
45
46
47
48
49
50
51
52
Knowledge Check

• No scoring 
54
Knowledge Check (1/5)

• Cyber Crimes are:

A.Borderless Crime

B.Don’t need deep technical skills to execute

C.Rewarding but illegal

D. All of the above

55
Knowledge Check (2/5)

• Crime-as-a-service is a reality in today’s cyber crime market

A. True

B. False

C. Partly True

D. None of the above

56
Knowledge Check (3/5)
• Money earned through cyber crimes are illegal

A. True

B. False

C. Partly True

D. None of the above

57
Knowledge Check (4/5)

• Which of the following is true?

A. Dark Web sites cannot be accessed by Google search

B. Surface Web sites can be accessed by Google search

C. Dark Web is a subset of Deep Web

D. All of the above are true

58
Knowledge Check (5/5)

• Cyber Crimes is poised to touch _______ by 2021

A. $6 trillion

B. $16 trillion

C. $140 billion

D. None of the above

59
Thank You!

60