The field of hacking is a rapidly evolving one. As cybersecurity defenders develop new means of detecting and protecting against cyberattacks, hackers also work to find ways to bypass these new defenses.
One way in which the field of hacking has dramatically changed is the emergence of the hacker service economy. In the beginning, hackers operated as “lone wolves”, carrying out hacking campaigns largely independently. Over time, hacking groups have emerged, and, recently, hackers have begun offering their services to other hackers or consumers. These services can range from specialist support for a certain portion of a cybercrime (like a phishing attack) to offering complete cyberattacks as a service.
The primary effects of this service-based hacking economy are a change in who carries out attacks and a change in the types and number of threats observed in the wild. Being able to rent the tools and skills of other hackers means that far less experienced actors can enter the world of cybercrime, and the number and intensity of attacks against websites has increased dramatically as a result. Organizations therefore need to take additional steps to protect themselves against attacks that are becoming both more common and more damaging.
The Modernization of Hacking
In the beginning, hacking was primarily a hobby. Technology enthusiasts who knew a great deal about how computers worked would try breaking into different systems just to demonstrate that they could. While their actions were often illegal, in general they weren’t hacking to do damage, so the impact was minimal.
Over time, hacking changed from a (mostly) harmless hobby to one where hackers would steal sensitive information and hack into systems for profit. As the Internet became a part of daily life, more and more data was being placed there by individuals and organizations. This data can be valuable to a number of different parties on the black market (for use in further crimes), so hackers who managed to steal a collection of sensitive data could sell it and get paid for their troubles.
Originally, hackers worked alone, so an effective hacker had to be a jack of all trades, with working knowledge of networks, operating systems, applications and the people who used them. Over time, hacking became more team-based: a group of hackers could each specialize in one component of an operation (initial access, malware development, laundering the proceeds) and split the profits. This dramatically lowered the bar for entering the field, allowed it to grow, and laid the groundwork for the hacker service economy.
The Hacker Service Economy
A crucial step in the development of the modern economy was the emergence of role specialization. While it is certainly possible for an individual or a group to remain entirely self-sufficient, they are unlikely to be very effective at doing so. Most people can be very good at one thing or fair to middling at many different things. Role specialization allowed individuals to develop expertise in a certain area and improved the overall quality of goods and services available to everyone. Unfortunately, the development of hacking has followed the example of the legitimate economy. The emergence of hacking groups and specializations has led to a hacker service-based economy in which specialists in a certain field sell their services to other hackers or to consumers.
One example of cybercrime as a service is the Distributed Denial of Service (DDoS) attack as a service, commonly marketed as a “booter” or “stresser”. In a DDoS attack, a large number of compromised or rented machines under the attacker’s control flood a victim’s website with traffic or requests, exhausting its bandwidth or server capacity so that it becomes unavailable to legitimate users. With the rise of the Internet of Things (IoT), which consists of a large number of insecure Internet-connected devices, and cloud computing, which allows anyone to lease computing power, building botnets to perform DDoS attacks has become easy and affordable. A DDoS attack can be performed for as little as $7 per hour, so a hacker can resell it cheaply even with a substantial markup.
An example of a service offered by hackers for hackers is combolists as a service. Combolists are collections of username/password pairs harvested from data breaches of various online services. In a combolists-as-a-service offering, hackers subscribe to receive fresh lists of breached credentials on a regular basis. These credentials are then used in credential stuffing attacks, where automated tools replay the breached username/password combinations against other sites in the hope that some users reused the same credentials on multiple services. The attack works because password reuse is common, and it is typically run at high volume through proxies to spread the login attempts across many source addresses.
Impacts on Website Security
Distributed Denial of Service and credential stuffing attacks have always posed a threat to website security. DDoS attacks can render a website inaccessible to legitimate users and credential stuffing attacks may allow an attacker to gain unauthorized access to a user’s account.
However, the rise of the hacker service economy has increased the threat that these attacks pose to organizations’ websites. These services make it easier for an attacker to obtain the data and skills needed to perform the attacks, lowering the bar to enter the space. Instead of targets being chosen primarily by experienced hackers, anyone can buy an attack and point it at a target of their choosing, which makes any organization a potential target of a disgruntled employee or a dissatisfied customer.
As a result, organizations need to take action to protect their web resources from the types of attack commonly offered as a service. A DDoS protection solution, together with a bot detection and prevention solution capable of recognizing credential stuffing, has become a crucial component of any organization’s cybersecurity strategy. Credential stuffing in particular can also be blunted at the application layer: rate-limit login attempts per source and per account, require multi-factor authentication, and check new passwords against lists of known-breached passwords so that a reused credential from a combolist no longer works.
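As an added example, not taken from the original article, the following Python script shows the kind of heuristic a detection solution applies to login logs to tell credential stuffing (the combolist replay described above) apart from ordinary failed logins and from a brute-force attack on a single account. The log format, the threshold values and the sample log lines are all constructed assumptions for illustration; a real deployment would tune the thresholds to its own traffic and key on more than the source IP (proxied attacks spread across many addresses).

```python
"""Credential-stuffing heuristic over login logs (added example, constructed data)."""
from collections import defaultdict
from datetime import datetime, timedelta

# ---- Constructed sample data (synthetic, not captured traffic) ----
# Assumed log format, one login attempt per line:
#   <ISO-8601 timestamp> <client IP> <username> <ok|fail>
BASE = datetime(2024, 3, 1, 10, 0, 0)


def _line(offset_s, ip, user, result):
    return f"{(BASE + timedelta(seconds=offset_s)).isoformat()} {ip} {user} {result}"


SAMPLE_LOG_LINES = (
    # Credential stuffing from 203.0.113.5: 30 different accounts in about a
    # minute; two succeed (the users who reused a breached password).
    [_line(2 * i, "203.0.113.5", f"user{i:02d}", "ok" if i in (7, 19) else "fail")
     for i in range(30)]
    # Brute force of one account from 192.0.2.9: many failures, a single user.
    + [_line(3 * i, "192.0.2.9", "admin", "fail") for i in range(25)]
    # A forgetful legitimate user: three failures, then success.
    + [_line(10, "198.51.100.7", "carol", "fail"),
       _line(25, "198.51.100.7", "carol", "fail"),
       _line(40, "198.51.100.7", "carol", "ok")]
)


def parse_line(line):
    """Split one log line into (timestamp, ip, username, result)."""
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result


def detect_credential_stuffing(lines, window=timedelta(minutes=5),
                               min_attempts=20, min_distinct_users=10,
                               max_success_ratio=0.2):
    """Return {ip: stats} for each source IP that, within some sliding time
    window, made many login attempts spread over many distinct usernames with
    a low success rate. That combination is the signature of a combolist being
    replayed; a brute force hits one user, and a legitimate user hits few."""
    by_ip = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ts, ip, user, result = parse_line(line)
        by_ip[ip].append((ts, user, result))

    flagged = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e[0])
        start = 0
        for end in range(len(events)):
            # Advance the window start so events[start:end+1] spans <= window.
            while events[end][0] - events[start][0] > window:
                start += 1
            win = events[start:end + 1]
            if len(win) < min_attempts:
                continue
            users = {u for _, u, _ in win}
            successes = sum(1 for _, _, r in win if r == "ok")
            if (len(users) >= min_distinct_users
                    and successes / len(win) <= max_success_ratio):
                # Keep the largest qualifying window seen for this IP.
                if ip not in flagged or len(win) > flagged[ip]["attempts"]:
                    flagged[ip] = {
                        "attempts": len(win),
                        "distinct_users": len(users),
                        # Accounts whose reused password was accepted: these
                        # need a forced reset, not just a blocked IP.
                        "compromised_accounts": sorted(
                            u for _, u, r in win if r == "ok"),
                    }
    return flagged


if __name__ == "__main__":
    for ip, stats in detect_credential_stuffing(SAMPLE_LOG_LINES).items():
        print(ip, stats)
```

Run on the constructed lines, only 203.0.113.5 is flagged; the single-account brute force from 192.0.2.9 fails the distinct-user check and carol’s three attempts never reach the attempt threshold. The list of accounts that were successfully logged into during the flagged window is the most important output: blocking the source stops the ongoing attack, but those accounts are already known-compromised and need a password reset.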