Last updated at Mon, 30 Oct 2023 20:05:20 GMT
Just like other industries have adopted the as-a-service model, cyber threat actors are doing the same by selling easy access to tools, instructions, target lists, and even hackers for hire.
The concept of hacking as a service has created a pay-to-play environment that allows amateurs to quickly develop attacks that are far beyond their skill level. This lowers the barrier of entry, meaning cybercriminals only need basic skills to launch common attacks, including phishing, distributed denial of service (DDoS), and targeted hacking. It also increases the rate at which threat actors can launch attacks, meaning companies need to defend against more hackers, who are launching attacks at a higher volume.
In this post, we’ll share examples of hacking services we found posted on dark web forums and discuss what steps organizations should take to protect themselves from this growing trend.
Phishing as a service
Pulling off a successful phishing attack used to require a skilled blend of technical knowledge and social engineering to create a legitimate looking campaign. Today, much of the hard work can be bought online, bundled into “phishing kits,” which are software packages that streamline the process of copying a site design and uploading it to a web server as a phishing site.
A phishing kit may include:
- Fake Domain: preferably deceptively similar to a known legitimate site
- Fake Login Page: preferably one that resembles the original
- SMTP Server: one of several methods to send a large amount of spam anonymously
- Bulk Mailer Software
- Leads: lists of target email addresses
Phishing kits don’t just enable hackers to run their own phishing campaign, but enable them to run them quickly in an effort to avoid detection. In the past, phishing websites might be live for days to weeks, today they can be live for only a few hours.
DDoS as a service
DDoS attacks can shut down online services by flooding the network with traffic from a large number of devices. Attackers can now purchase DDoS packages on the dark web with enough traffic to overwhelm a service.
Hackers for hire
For threat actors who can’t find a service that sells the attack they are looking for, or are planning a job too big for one person to do alone, there are hackers for hire who lend their expertise for a price. If an attacker can think it, there is a hacker who is willing to do it.
How to protect against hacking as a service
The Hacking-as-a-Service market is thriving and continuing to add new services. The ability for novice hackers to quickly launch advanced attacks has increased the number of threats that companies must deal with.
So, how can you combat these threats?
- Dark Web Monitoring: Sometimes, you must go behind enemy lines to get good intelligence. Make sure you have a process in place to search through dark web black markets, pastebins, and chat rooms looking for insider threats, hackers for hire, chatter, etc. This will help you identify attacks proactively.
- Phishing Domain Monitoring: New phishing websites are constantly being created. Develop a process for identifying new phishing domains and potential attacks so you can block the domain with your security devices and initiate takedown requests with the registrar. This will help you be proactive rather than reactive in defending against phishing.
- Social Media Monitoring: Cybercriminals often imitate brands online to fool unknowing customers and phish information from them. Fake company pages on popular social media sites are one of the most effective ways to do so, so make sure you can identify and takedown these pages before they fool your customers.