Surprise attacks are usually the most effective form of attack.
Why?
If you wanted to attack someone, would you forewarn them? Would you send them an email saying, "on Friday of this week, I'm going to attack you."? Or would you try and get the "jump" on them?
Of course you'd want to surprise them with your attack.
In his book "Preventing Surprise Attacks", Richard A. Posner states, "When a satisfactory response to a threat is difficult to devise, the tendency is, ostrich-like, to deny the threat."
His book focuses on national intelligence, but the concept applies to all aspects of life.
Statistics from McAfee say that 44% of small business owners think that cybercrime is only a concern for larger organizations and believe it does not affect them.
McAfee further contends, "52% of businesses believe that because they are not well-known so cybercriminals will not specifically target them. Almost half (45%) do not think they are a ‘valuable target' for cybercriminals. 46% do not think they can be a source of profit for cybercriminals."
Talk about denying the threat.
Your lack of knowledge and the belief that cybercriminals do not want what you have are two enormous reasons your websites not only appear on the radar screens of hackers, but they're also flashing with a big "Here I am!" neon colored sign.
Your strategy "to deny the threat" is what makes your websites the low-hanging fruit just ripe for pickin' by the cybercriminals of the world.
What you need is an education in why cybercriminals want your websites, why your websites are valuable to them and how they profit from your websites. Then you'll be better prepared for their attacks. The element of surprise will be on your side because the cybercriminals won't know how well prepared you are.
Cybercriminals want your websites because websites make them money.
The thing you don't know is how they make money from websites.
Their business model is much like your own. They have multiple streams of income. The first thing you need to learn about their business is this: just as in our world the money is in your list, in the world of cybercriminals the money is in their botnets.
A botnet is a network of PCs (a bot is a robotically controlled computer) all remotely controlled by the same source. The people who control them are called bot herders.
Most people don't realize that when computers are "hacked" the main motivation for the hackers is to install remote control software. Yes, there are other reasons some of them hack, but primarily they want to remotely control your PC.
The normal sequence of events is this:
- A small piece of program code is downloaded onto your computer. The main purpose of this program is to connect to the "mother ship" and download the "mother lode of infectious code." This code is small so that it can easily be modified to evade detection by anti-virus software.
- The mother lode contains the actual remote control software. Sometimes it is polymorphic – it actually changes or "morphs" itself to further evade detection. Frequently part of the job of this program is to shut down the anti-virus and possibly the local firewall as well.
- With the PC firmly under the control of the bot herder, it can be used to send SPAM, launch attacks on other PCs, host a phishing website, record the user's keystrokes or install "pay per install" junkware.
This simple 3-step process is carried out thousands or millions of times a day, every day.
Imagine that you are a hacker with 200,000 bots in your botnet. You sign up to an affiliate program that pays you $1.45 for every installation of a toolbar. With a little script you push "go" and in the next hour all 200,000 PCs have a new toolbar. You just made $290,000.
Maybe that's not enough for you. The next night you install some spyware that pays you 50 cents for all installs with a bonus if you can install over 5,000 per day.
Think these programs don't exist? You've never heard of them so they don't exist right?
Check out this screen:

If you run a Google search for "pay per install" you'll see many, many more of these "affiliate" programs. Just be careful as these sites may try to infect your PC.
Some of these affiliate programs will provide you with the infectious code to install on a highly trafficked website so you can infect as many PCs as possible. Often the affiliate program will also include code that will be undetectable by any anti-virus software as evidenced in this screen:
And see how easy they make it for you:
You can see their motivation for wanting your website – they can either get paid by infecting your visitors with the pay-per-install software directly or they can add your visitors' PCs to their botnet and then get paid later for installing junkware.
Another income stream for cybercriminals is SPAM.
What's that you say? "SPAM doesn't sell anything"?
What statistics do you have to back that up?
Here are some statistics for you. According to a recent report (http://www.marshal.com/pages/newsitem.asp?article=748&thesection=news), 29% of Internet users make some purchase off of SPAM. Usually it's enhancement pills (helping you grow body parts you may not even have), software, adult material or luxury items such as watches, jewelry or clothing.
Did you think your emails were the only ones effective at selling goods or services?
Where do you think SPAM originates from?
Botnetted PCs.
Where do you think large-scale attacks come from?
Botnetted PCs.
Sometimes cybercriminals rent their botnet to spammers or other cybercriminals. This rental income is enough to make them some decent money.
There you have three sources of income: installing junkware, sending SPAM and renting their botnets.
Cybercriminals know that their old way of infecting PCs, with email-borne viruses, has basically gone away. They needed to sustain their "businesses", so they turned to the next available distribution method: infecting websites.
How do they get into your website to install this infectious code?
That and other topics are the next step in your educational process. Other important aspects of cybercriminals are:
- Who are they?
- What can you do to check your website?
- How will hacking infect your SERPs?
If you'd like to learn more about the underground world of cybercriminals, you can register for our email educational series titled, "How Cyber Criminals Use Your Website to Distribute Their Malware". Just click here and provide us with your name and email address. Nothing to buy. It's delivered at no charge to your inbox.