Cybercriminals Are Adopting Corporate Best Practices 66
Orome1 writes: Cybercriminals are adopting corporate best practices and establishing professional businesses in order to increase the efficiency of their attacks against enterprises and consumers. This new class of professional cybercriminal spans the entire ecosystem of attackers, extending the reach of enterprise and consumer threats and fueling the growth of online crime. Low-level criminal attackers are even creating call center operations to increase the impact of their scams. "Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off," said Kevin Haley, director, Symantec Security Response. "We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams."
Relief! Finally! (Score:5, Funny)
Finally, relieved. Corporate best practices! If that does not kill their efficiency and agility, nothing will. Hope the also implement agile rally scrum thingies complete with kanban board and daily dissing of waterfall development. Seven layers of managers telling the lone code monkey what to do, quarterly story point estimates, progress reports, burn down charts, ... the works. So much time will be spent in measuring progress and in planning meeting, nothing will ever get done.
Great!
Re: (Score:1)
I was very much worried about the cyber criminals. Despaired what/who could stop them.
Finally, relieved. Corporate best practices!!
Yes! They will employ ITILv2 experts and Service Delivery managers to "improve" their business models, :-)
Who could think of more expert types?
Re:Relief! Finally! (Score:5, Insightful)
I am not surprised. It can be asserted that malware is the best written software in existence today, because it had to be small, work flawlessly, and do its job well. Unlike most shops where "it builds, ship it" is the mantra, malicious software has to fly under the radar, or it will be detected and destroyed pretty quickly.
Re:Relief! Finally! (Score:5, Funny)
Neither am I. After all, corporations have adopted criminal best practices for decades.
Nah (Score:2)
Corporate Practices translated to Crime: Their Lobbying group will ensure that they never ever get prosecuted for stealing your stuff. They are calling it PHUCKU, or Political Harassment Until Crime Kills U.
Re: (Score:2)
Exactly! soon they will stop being productive and have meetings about meetings trying to decide when the next meeting should be held..
Re:Relief! Finally! (Score:4, Funny)
Seven layers of managers? (Score:1)
Haaa, that got me laughing, I only had the three managers myself
Re: (Score:2)
Just came in to make sure something like this was the top comment. Right then, carry on.
Difference (Score:2, Insightful)
As the criminals become more like tech companies and the tech companies become more criminal, we soon can't tell the difference.
Re: (Score:2)
It'll be easy to tell the difference: Who pays their brib.. er.. campaign contributions to the politicians and who doesn't.
Question (Score:5, Funny)
Do low-level criminal attackers create call center operations to increase the impact of their scams?
I don't think this summary answered that question adequately.
Re:Question (Score:5, Funny)
Re: (Score:3)
Yea, they actually wan't to provide good service to their "customers," unlike Comcast.
Re: (Score:2)
High-quality call-center based customer support? That should trivially distinguish them from the legitimate businesses.
Re: (Score:2)
Re: (Score:2)
That's what I get for typing on no sleep. *sigh*
Re: (Score:2)
It'd still be better than calling Comcast
I'm pretty sure a significant number of people would put Comcast in the same category as criminals.
Re: (Score:2)
Female cybercriminals still only get 77% of the loot that male cybercriminals do. Equal takings for equal crimes, I say!
Great, now even cybercriminals file TPS reports (Score:5, Funny)
Where am I going to fantasize about escaping the mediocrity of corporate existence now?
As they say.. (Score:3)
When the going gets weird, the weird turn pro.
that's why it's called Organized Crime (Score:4, Funny)
Re: (Score:1)
There must be some interesting forms at such orgs:
Strike Category:
1. (_) Intimidation Only:
1.1 (_) Fake horse head in bed
1.2 (_) Real horse head in bed (high budget only)
1.3 (_) Install Windows 10 on home PC
1.4 (_) Smash car:
. . . . [_] Windshield [_] Body [_] Tire pop
2. (_) Injury:
2.1 (_) Strike to Knee: # of strikes: _____
2.2 (_) Gut hit: # of hits: _____
3. (_) Finish Off:
3.1 (_) Cement galoshes
3.2 (_) Swimmin' with d' fishies
3.3 (_) Car "accident"
3.4 (_) Other: ____________________
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
From what I've read, not all those lapses are on accident. Phishers and money scammers make more money on the stupid and greedy who are willing to overlook glaring logic errors either because they don't understand them or they want a payoff so badly they ignore them. It cuts down the amount of effort wasted on the non-gullible.
Since when do noisy call centers full of (Score:2)
Indians speaking horrible English "increase the impact of their scams"?
Unless by "increase the impact" they mean, "make it an obvious scam"...
Re:Since when do noisy call centers full of (Score:5, Insightful)
Indians speaking horrible English "increase the impact of their scams"?
Unless by "increase the impact" they mean, "make it an obvious scam"...
Oh I dunno, having Indians being their call center goons would legitimize them even more, since they'd be on par with actual legitimate businesses.
Re: (Score:2)
The legitimate Indian call center employees that I have spoken to have pretty good command of English with a -- while noticeable -- mild accent.
The Indian scammers who call me are definite rejects based on their strong accents and inability to do anything but poorly follow a script.
Re: (Score:2)
"James Ellis from the Dish Network" (he just called me) does not have a strong Indian accent.
But what will low-level criminal attackers do? (Score:2)
Will they create call center operations to increase the impact of their scams?
I mean, will they create call center operations to increase the impact of their scams?
Re: (Score:2)
I work in software for the marijuana industry, and everyone leaves at 4:20. First tech job I've ever had like that.
FTFY
Maybe the luddites are right (Score:1)
Maybe there is something to be said for keeping some of your "in house" data only on paper or at least on disconnected computers to make infiltration and ex-filtration harder.
Yes, there is some data that you must have accessible from the outside. For example, if you are a doctor's office your current clients will want to be able to cancel or change future appointments without having to talk to a live human being. But you don't necessarily need all of your former patents' complete medical and payment histo
No need to worry. (Score:2)
I'm having definite Sneakers flashbacks... (Score:2)
Cosmo: There I was in prison. And one day I helped a couple of nice older gentlemen make some free telephone calls. They turned out to be, let us say, good family men.
Martin Bishop: Organized crime?
Cosmo: Hah. Don't kid yourself. It's not that organized.
Cybercriminals adopt ITIL (Score:2)
--
.nosig
Cybercriminals adopting corporate best practices? (Score:1)
Not really a surprise. (Score:2)
Methodologies (Score:2)
It won't be long til we see PRINCE2 for Cybercrime, with strong focus on ITIL methodologies.
Only PM professionals with 5+ years experience in cybercrime need apply.
Comment removed (Score:3)
nothing changes (Score:1)
My favorite cartoon:
A teenager saying to dad: Dad, i'm gonna make a carrier in organized crime field.
Dad: Government or private sector?
redundant redundancy (Score:2)