7 July 2022

Insights into an extensive underground economy

Expert contribution

Book Review // Cybercrime


“With Love” is written on the website of the cybercrime group “Vice Society”. Its members recommend themselves as “reliable” blackmailers who have turned their hobby of hacking into a profession and who, after payment, are guaranteed to release the encrypted data “clean” again. To a reader of “Underground Economy”, these advertised corporate values are hard to beat in terms of cynicism, although they are best counted as part of the basic attitude of professionally operating cybercriminals. Thanks to an often intrinsic motivation, combined with a widely ramified, global, anonymous network, criminally active hackers are – to date – usually one step ahead of cybercrime investigators. Or as former Federal Councillor Doris Leuthard writes in the foreword of the book “Underground Economy” (p. 8): “The ever-increasing targeting of organisations on the net is accompanied by ever more competent attackers. Because the cybercriminals, unlike some companies, have not been asleep in recent years.”

In their book “Underground Economy. How Cybercriminals Threaten the Economy and States”, the authors Otto Hostettler and Abdelkader Cornelius explain what has been missed so far in terms of prevention. The publication could not be more relevant, given that currently and globally, a company is blackmailed by cybercriminals every 11 seconds (for comparison: in 2015, this figure was said to be 2 minutes; see p. 38).

Hostettler Otto, Cornelius Abdelkader, Underground Economy. How cybercriminals threaten the economy and states, 189 pages, Verlag NZZ Libro, Zurich 2022.

Details of the book on the website of the publisher NZZ Libro.

The underground economy explained

For their book “Underground Economy”, Hostettler and Cornelius spoke with hackers, IT experts, cybercrime specialists and victims of cyberattacks. On more than 170 pages, they provide insights into the worrying developments in the criminal hacker scene. In an accessible reportage style and with interspersed short case descriptions – for example, from the first malware “Brain” in 1986 to the perfidious attack on the US company Colonial Pipeline in the spring of 2021 – the authors trace the development of cybercrime from the early, exclusively experimental white-hat hacking of the 1980s, also called ethical hacking, through early forms of ransomware to today’s criminal manifestations with “ransomware-as-a-service” models. “Ransomware offers now exist in a wide variety of forms, and they are even advertised on the relevant marketplaces. Because: competition also works among extortionists,” the authors write (p. 86). This means that extortion groups that do not want to program the malware themselves can rent existing (and proven) malware as a package and, if necessary, develop it further according to their own needs (and offer it again on the market in an expanded form “for rent”). The authors continue (p. 86): “A trial month is available for 120 dollars, a six-month subscription for 490 dollars, and a year’s use costs 1900 dollars. The package includes all the various features needed to place the software on the company’s network, encrypt the data, contact the company, and finally decrypt the data again. Plus, of course, impeccable support. The return on investment is huge.” Experts assume an ROI of at least 60,000 dollars per month. Some extortion gangs even want to actively optimize the ransomware they use by paying rewards when other users of their software report discovered vulnerabilities or bugs – “Make Ransomware Great Again” thanks to bug bounty programs (see heise.de).

The book addresses ambivalent points of contact between the underground economy and globally operating intelligence services, highlights the use of cybercrime in dictatorships, looks at the role of cryptocurrencies such as Bitcoin and Monero in this context and describes recent developments such as the coronavirus pandemic as a digitalisation accelerator and thus also as a cybercrime accelerator, with the home office as a gateway into company networks. Of course, it is not possible to cover all these hotspots in detail in 170 pages, but reading “Underground Economy” offers an impressive and even disturbing overview of this topic, especially for those new to the subject. After reading it, it is clear that the times of phreaking, script kiddies and crackers are over – cybercrime has become a highly professional exploit industry from which everyone must start protecting themselves with precautionary, systematically and consistently implemented measures sooner rather than later. What is to be done?

After reading

The last chapter of “Underground Economy” is dedicated to the question of what one can do, as a private person and as a company, to protect oneself from cyberattacks when using the internet. Readers with an affinity for the topic will hardly find any new points here, especially since most of these can also be read elsewhere in media reports. However, the book’s preventive aim stands or falls on whether these tips are heeded, and after reading “Underground Economy” the reviewer finally had to do his own homework in this regard – namely a change of the Internet browser used as well as a systematic use of 32-digit, strong passwords and a password manager (Firefox Lockwise with a main or master password is one possibility). Other tips such as regular backups on external data carriers, an activated firewall, professional virus protection, regular system updates and awareness in dealing with phishing and spam mails have been followed by the reviewer for quite some time. These preventive measures are no guarantee of security against cyberattacks – but they can make things much more difficult for attackers. Reading “Underground Economy” – especially as it is easily accessible and of convenient length – can only be recommended. The authors Otto Hostettler and Abdelkader Cornelius succeed in shaking readers up with commitment but without lapsing into a panic mentality, and in giving them concrete recommendations for measures that can be implemented in everyday (business) life with manageable effort. Your move.

Further information about cybercrime and cyber security can be found on the blog 143bis.ch (https://143bis.ch/) of our partner LAYER 8.

Published by:

Basil Böhni

In the summer of 2018, Basil Böhni (* 1985) founded Böhni Communications Ltd liab. co. He graduated with a Major in Media Science from the Faculty of Philosophy, University of Zurich. During his career, Basil Böhni has worked for a range of organizations gaining extensive experience in communications, digital marketing, cultural administration, event management, and journalism.