Hackers have their very own underground market for buying and selling our stolen data, and it’s only becoming more sophisticated.
According to the RAND Corporation’s most recent report on cybercrime, the hackers’ black market first emerged in Warsaw Pact countries in the late 1980s when the countries’ many programmers and mathematicians suddenly found themselves out of work. The market was paper-based instead of cyber and revolved mainly around identity theft. Hackers usually acted alone.
The chart below, also taken from the RAND report, shows just how far that market has come. While most hacker activity still occurs in Russia and Eastern Europe, the hackers’ marketplace is now dominated by more disciplined, organised, and structured groups with specialised targets and advanced hacker toolkits.
According to the RAND report, cybercriminals will continue to update their tools as it becomes harder for them to hack into our computers.
RAND acknowledges that people will likely become more savvy about cybersafety and install more encryption and protection measures onto their devices. However, cybercriminals will update their tools to keep up with these advances.
As the graphic below shows, the black market has also taken on a fairly rigid hierarchical structure as more people have gotten involved.
Since the 1980s, the level of technical knowledge needed to implement a cyber attack has declined. Now, almost any computer-literate person can enter the market. This has caused more and more people with varying levels of hacking abilities to enter into the market looking for “freelance” work and hackers-for-hire.
The hierarchy is eerily similar to that of the illegal drug trade. Anyone can be a mule, but getting to the top requires personal connections and a good reputation. In certain respects, reports RAND, the black market can be even more profitable than the illegal drug trade: goods and services can be distributed worldwide with the click of a button, leading to direct and immediate end results.