Trend Micro Incorporated today published new research detailing how criminal groups start behaving like corporations as they grow bigger, but that this comes with its own attendant costs and challenges.
To read a full copy of the report, Inside the Halls of a Cybercrime Business, please visit:
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/inside-the-halls-of-a-cybercrime-business
A typical large organization allocates 80% of its operating expenses to wages, with the figure similarly high (78%) for small criminal organizations, according to the report. Other common expenses include infrastructure (servers/routers/VPNs), virtual machines, and software.
The study outlined three types of organizations based on size, using examples where Trend Micro collected the most data from law enforcement and insider information.
Small criminal businesses (e.g., Counter Anti-Virus service Scan4You):
- Typically, one management layer, 1-5 staff members, and under $500K in annual turnover.
- Their members often handle multiple tasks within the group and also have a day job on top of this work.
- Comprise the majority of criminal businesses, often partnering with other criminal entities.
Medium-sized criminal businesses (e.g., bulletproof hoster MaxDedi):
- Typically have two management layers, 6-49 employees, and up to $50m in annual turnover.
- They usually have a pyramid-style hierarchical structure with a single person in charge.
Large criminal business (e.g., ransomware group Conti):
- Typically have three management layers, 50+ staff, and $50m+ in annual turnover.
- Feature relatively large numbers of lower management and supervisors.
- Implement effective OPSEC and partner with other criminal organizations.
- Those in charge are seasoned cyber-criminals and hire multiple developers, administrators, and penetration testers – including short-term contractors.
- They may have corporate-like departments (e.g., IT, HR) and even run employee programs, such as performance reviews.
According to the report, knowing the size and complexity of a criminal organization can provide critical clues to investigators, such as what types of data to hunt for.
For example, larger criminal entities may store employee lists, financial statements, company guides/tutorials, M&A documents, employee crypto wallet details, and even shared calendars to probe.
Understanding the size of targeted criminal organizations can also allow law enforcers to prioritize better which groups should be pursued for maximum impact.
Like this:
Like Loading...
Related
This entry was posted on April 3, 2023 at 1:14 pm and is filed under Commentary with tags Trend Micro. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Wages Dominate Cybercrime Groups’ Operating Expenses: Trend Micro
Trend Micro Incorporated today published new research detailing how criminal groups start behaving like corporations as they grow bigger, but that this comes with its own attendant costs and challenges.
To read a full copy of the report, Inside the Halls of a Cybercrime Business, please visit:
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/inside-the-halls-of-a-cybercrime-business
A typical large organization allocates 80% of its operating expenses to wages, with the figure similarly high (78%) for small criminal organizations, according to the report. Other common expenses include infrastructure (servers/routers/VPNs), virtual machines, and software.
The study outlined three types of organizations based on size, using examples where Trend Micro collected the most data from law enforcement and insider information.
Small criminal businesses (e.g., Counter Anti-Virus service Scan4You):
Medium-sized criminal businesses (e.g., bulletproof hoster MaxDedi):
Large criminal business (e.g., ransomware group Conti):
According to the report, knowing the size and complexity of a criminal organization can provide critical clues to investigators, such as what types of data to hunt for.
For example, larger criminal entities may store employee lists, financial statements, company guides/tutorials, M&A documents, employee crypto wallet details, and even shared calendars to probe.
Understanding the size of targeted criminal organizations can also allow law enforcers to prioritize better which groups should be pursued for maximum impact.
Share this:
Like this:
Related
This entry was posted on April 3, 2023 at 1:14 pm and is filed under Commentary with tags Trend Micro. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.