<\/p>\n
Hacking now is so easy that hackers don\u2019t even have to be a technically sophisticated hacker with hacking skills and knowledge, and to deal with the technical challenges to run their own crimeware. Instead, they can just buy a hacking service that will do most of hacking works for hackers, enables them to automate the hacking online and gain access to sophisticated network easily. Obviously, the Crime-as-a-Service (CaaS) offering is contributing to the increasing volume and sophistication of cybercrime and the increasing difficulties of tracking malicious hackers. The victims are not only the targets under attacks, but also those attackers, customers of the CaaS offerings. For example, a newly discovered crimeware service is using Facebook hacking tools hosted on Google Drive. It requires users\/customers to provide their Facebook login credentials before they can hack other accounts. It steals aspiring hackers\u2019 account information and tricks them that they can hack into other accounts. This crimeware service makes money by selling stolen account information in the underground market. This also put enterprise user accounts under at risk. Hackers can steal business users\u2019 credentials and develop a botnet for stealing a company\u2019s intellectual property, damaging software or conducting other future attacks, while it is hard to track back and find the real attackers. They can also make money by selling the credentials to the highest bidder. Therefore, to prevent this kind of attacks, IT managers are suggested to prevent employees from using business accounts for personal use, open suspicious link or downloading unauthorized files, and ensure to have fast response to attacks.<\/p>\n
This article made me think about the security of social media sites, like Facebook, Twitter and LinkedIn. As most trusted communication channels to most of people, many social media sites even cannot secure their own environment. It makes social network a hotbed of CaaS and other cyber crime that allow hackers to manipulate users and develop botnet easily. It is weaponized, and makes hacking more effective and less trackable. To companies, social media attacks are not only about reputation damage, it also leads to big data breaches. According to research, eighth companies suffered a security breach due to social media-related cyber attacks. However, companies can hardly prevent employees from using social network because it has become part of our lives. Instead, companies should identify their social assets, develop an effective social media security plan, educate employees, and be almost prepared to for social media attacks.<\/p>\n
Article:\u00a0http:\/\/www.darkreading.com\/attacks-breaches\/crimeware-as-a-service-hack-turns-potential-hackers-into-victims\/d\/d-id\/1326849<\/a><\/p>\n References:\u00a0http:\/\/www.darkreading.com\/attacks-breaches\/why-social-media-sites-are-the-new-cyber-weapons-of-choice\/a\/d-id\/1326802<\/a><\/p>\n