Intel: We underestimated the rise in cybercrime


Written by

The global technology landscape was very different in the summer of 2010: Nokia was the leader in smartphone market share, NASA had just signed on with Rackspace to explore cloud computing, and Intel was ready to acquire McAfee to become a heavy hitter in the cybersecurity world.

Flash forward to today and the world’s largest security company is making an interesting concession: Intel says it underestimated the rapid evolution of cybercrime over the past five years, watching it morph into a full-fledged business that’s highly lucrative for criminals, highly costly for the global economy and has a very low technical entry point for those looking to get involved.

Intel examined the rise in cybercrime in its latest threat report, released Tuesday, while also highlighting how attacks have grown in sophistication and scope as new technologies move into the mainstream.

“We all expected significant growth in the volume and technical capabilities of cyberattacks. The conditions were just too tempting to ignore,” the report reads. “What we did not quite expect was the transformation of cybercrime into a full-fledged industry with suppliers, markets, service providers, financing, trading systems and a proliferation of business models.”

Intel attributes the climb to the combination of tools used on the dark Web, such as the anonymous Web network Tor and different versions of virtual currency, as well as a shift from stealing bulk credit card information to high-profile data, such as personal health data or intellectual property.

Among the research chronicled, a security vendor detailed a model that shows how cybercriminals get a 1,425 percent return-on-investment from malware campaigns. Another Intel study found the cost of cybercrime was estimated at around $400 billion.

“Of course, crime follows the path of least resistance to the money, and has to pay sufficiently well or people will stop doing it,” the report reads. “Unfortunately, cybercrime has been paying very well.”

The report credits the dark Web for lowering the barometer for entry, giving people the chance to buy off-the-shelf malware like ransomware, attack-creation programs and other offerings as if they were buying any other piece of software.

“It now takes very little skill to be a cybercriminal,” the report reads.

What’s old is new again

The report also focuses on the return of GPU-based malware, which crafts itself to evade security protocols by hiding deflecting activity away from the CPU. Around for years, Intel researchers say new versions are appearing on online code repository GitHub.

Researchers show that while new versions are automatically overwriting CPU commands once the malware deflects processing capability toward the GPU, that doesn’t mean they are completely undetectable from endpoint security systems. Security researcher Craig Schmugar wrote that Microsoft has a number of key protections that can keep GPU malware from taking over a system, including Patch Guard, Early-Launch Anti-Malware and Secure Boot.

“GPU threats are a real concern, but this type of attack has not reached perfect storm status,” Schmugar wrote in the report.

Intel recommends a number of fundamental practices for protecting against these type of attacks, including enabling automatic OS updates, keeping endpoint security up to date and application whitelisting.

While these sound like easy fixes, Intel finds that business and consumers still aren’t paying attention to basics of cybersecurity. Updates, patches and security alerts are often ignored, which means systems are as vulnerable as ever.

“This is not news to the security industry; we have banged this drum from decades, and yet these remain the most likely vectors from successful attacks,’ the report says.

Read the full report on Intel Security’s website.