What The Heck Is A Cyber Gang?
Often, when we think about cybercriminals or hackers, we think of a person — one person. And, yes, there are individual cybercriminals out there, causing havoc for many people through cybercrime activity. But there are also organized groups of cybercriminals working together to execute cybercrimes. They are called cyber gangs.
Cyber gangs function similarly to small businesses. Each is a group of individuals, each with their own specific set of skills, working together towards one common goal. In this case, the goal is cybercrime. The make-up of a cyber gang may vary, but the common positions include:
· Team Leader: the contact running the operation.
· Coders: those who develop the malware, spyware, ransomware, etc.
· Network Administrator: the contact responsible for taking over the online services or devices of an organization.
· Intrusion Specialist: the contact that ensures the malware/spyware/ransomware remains on the network/device/etc. and that the network is exploitable.
· Data Miner: the contact that is able to identify the valuable data/information and extract that data in a usable and clean format.
· Money Specialist: the contact that determines the most appropriate way to make money from the various types of data that are extracted.
The organization works together to execute the cybercrimes that benefit it. And, according to the US cybersecurity firm FireEye, there are more than 1,900 hacking groups (a.k.a. cyber gangs) active today. That means that there are 1,900 organizations out there, containing multiple individuals, all focused on executing targeted cybercrimes.
Let us put a bit more context to the 1,900 cyber gangs out there. Cyber gangs fall into three categories:
· Nation-State Sponsored threat actors (APTs)
· Financially Motivated groups (FINs)
· Uncategorized groups (UNCs)
The APTs are sponsored by a nation-state, which means groups are leveraging cyber activity to advance national interests, gather intelligence, or gain military intelligence. Financially motivated groups are focused on money. The rest are uncategorized because not enough information has been gathered on them yet.
And, while each cyber gang likely has its preferred way of executing a cybercrime, the most common avenues include:
· Website Spoofing
· IoT Hacking (Internet of Things)
Malware tends to be one of the front runners when it comes to cyber gang activity. FireEye even noted that 514 new malware strains were developed and deployed in 2020. Of the strains developed, 81% were privately developed and had restricted availability. The remaining 19% were publicly available strains.
Why does all this matter? If we think of cybercriminals as one individual, we may lead ourselves to believe that they are not that big of a threat — it’s just one person, right? While one person can cause damage, the damage can be much worse and much more widespread when it is executed by a group of individuals working together as a business. It’s important to keep this in mind when considering the organization you work for and the level of cybersecurity protection that is needed…and necessary.