Thought I’d share a PDF on research relating to the characteristics of cyber criminal activity and black (and Grey) markets.
This was part of the recommended reading for my Malware course and makes for fascinating reading,
Here’s the Preface:
Markets are good because they facilitate economic efficiency, but when that efficiency facilitates criminal activity, such “black markets” can be deemed harmful. Criminal activities in cyberspace are increasingly facilitated by burgeoning black markets in both the tools (e.g.,
exploit kits) and the take (e.g., credit card information). As with most things, intent is what
can make something criminal or legitimate, and there are cases where goods or services can be used for altruistic or malicious purposes (e.g., bulletproof hosting and zero-day vulnerabilities).
This report describes the fundamental characteristics of these markets and how they have
grown into their current state in order to give insight into how their existence can harm the
information security environment. Understanding the current and predicted landscape for
these markets lays the groundwork for follow-on exploration of options that could minimize
the potentially harmful influence these markets impart. This report assumes the reader has a basic understanding of the cyber, criminal, and economic domains, but includes a glossary to supplement any gaps.
This report should be of interest to cybersecurity, information security, and law enforcement
communities. It was sponsored by Juniper Networks as part of a multiphase study on the
future security environment.
