Connect with us

Hi, what are you looking for?

White Papers

Trend Micro report shows how criminal organizations come to resemble legitimate businesses as they grow

Knowing the size and complexity of a criminal organization can provide critical clues to investigators, such as what types of data to hunt for. Understanding the size of targeted criminal organizations can also allow law enforcers to priorities better which groups should be pursued for maximum impact.

Trend Micro Incorporated  published a new research uncovering the inner workings of cybercrime organizations. The report, Inside the Halls of a Cybercrime Business, examined the operations of small, medium, and large criminal groups. The report details a day in the lives of employees and how they operate within hierarchies that increasingly resemble legitimate businesses as the group expands. 

While small cybercrime groups typically consist of a few members operating under a partnership model — most of whom usually have day jobs on top of their role in the group — employees of larger organizations tend to lead lives similar to corporate workers at legitimate software companies. Large cybercrime organizations tend to have corporate-like departments such as human resources (HR) and information technology (IT), and might even have “employee-of-the-month” recognition programs and performance reviews.

Ian Felipe, Country Manager, Trend Micro Philippines, shares, “The criminal underground is rapidly professionalizing — groups are beginning to mimic legitimate businesses that grow in complexity as their membership and revenue increases. At the same time, many Filipino businesses are grappling with high cyber risk levels and a challenging threat landscape. In a recent survey we conducted, nearly 40% of Filipino IT leaders rated their organization’s cyber risk levels as at the very least high, and nearly half of businesses believe that it is impossible to futureproof their cybersecurity as threats are always changing. To that extent, understanding cybercriminal operations can go a long way in helping to stay ahead of threats and enhance cyber preparedness. This report will aid investigators in the ongoing fight against cybercrime by helping them better understand the entities they are dealing with.”

Using examples where Trend Micro collected the most data from law enforcement and insider information, the report examined three types of cybercrime organizations based on size. 

Advertisement. Scroll to continue reading.

Small criminal businesses (e.g., Counter Anti-Virus service Scan4You):

  • A day in the life of an employee: Members often handle multiple tasks within the group and also have a day job on top of this work
  • Typically, one management layer, 1-5 staff members, and under US$500K in annual turnover
  • Comprise the majority of criminal businesses, often partnering with other criminal entities

Medium-sized criminal businesses (e.g., bulletproof hoster MaxDedi):

  • A day in the life of an employee: Members work full-time for the group, managing various tasks within an eight-hour shift 
  • Typically have two management layers, 6-49 employees, and up to US$50m in annual turnover
  • They usually have a pyramid-style hierarchical structure with a single person in charge

Large criminal business (e.g., ransomware group Conti): 

  • A day in the life of an employee: Members work from home based on a rigid, predictable schedule, and communicate frequently with their line manager about productivity and performance — similar to remote workers at legitimate corporations
  • Typically have three management layers, 50+ staff, and over US$50m in annual turnover
  • Implement effective OPSEC and partner with other criminal organisations
  • Those in charge are seasoned cybercriminals and hire multiple developers, administrators, and penetration testers – including short-term contractors
  • They may have corporate-like departments (e.g., IT, HR) and even run employee programs, such as performance reviews

Knowing the size and complexity of a criminal organization can provide critical clues to investigators, such as what types of data to hunt for. Understanding the size of targeted criminal organizations can also allow law enforcers to priorities better which groups should be pursued for maximum impact.

To read a full copy of the report, visit https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/inside-the-halls-of-a-cybercrime-business.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

HEADLINES

While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024....

HEADLINES

Kaspersky has enhanced its Kaspersky Industrial CyberSecurity (KICS), a native XDR Platform for industrial enterprises, and streamlined Managed Detection and Response (MDR) for Industrial...

HEADLINES

Smart has received reports about unscrupulous individuals pretending to be company executives or representatives of organizations asking for donations for made-up or nonexistent relief...

HEADLINES

Located in the Kaspersky office, the new facility will provide the company’s stakeholders with services ranging from an overview of Kaspersky’s practices, to a...

HEADLINES

Smart and Maya emphasize that they never send SMS with links requesting login credentials, personal information, or account verification. If you receive such a...

Advertisement