Next thing to worry about: Cybercrime as a service

Placeholder Image for Article Template

You've heard of software as a service and infrastructure as a service. Now you need to pay close attention to cybercrime as a service, one of the more insidious -- and burgeoning -- forms of organized attack.

Many of the recent high-profile data breaches at retailers like Target, and Nieman-Marcus leveraged off-the-shelf Internet-based cybercrime kits, according to McAfee Labs' latest quarterly report. That increased simplicity and availability could mean dangers for federal agencies' networks and facilities.

"If cybercriminals could execute such large-scale attacks on retailers – particularly Target – they could attempt the same against government agencies," Patrick Flynn, McAfee’s director for homeland/national security, told FCW in an email. "The administrators of federal sites that are citizen-facing and store large amounts of personal information need to be especially vigilant. Ironically, attackers taking advantage of cybercrime as a service don’t need anywhere near the same expertise.”

Hacking for dummies, indeed.

Just as typical cloud--as-a-service and infrastructure-as-a-service capabilities bring operational efficiencies to more enterprises, cloud-based malware can bring more sophisticated attack skills within the reach of a larger pool of possibly less-talented hackers.

The attacks against major retailers exposed the data of hundreds of thousands of the store's customers to electronic thieves that hacked into its point-of-sale terminals. McAfee called the Target breach one of the biggest of all time.

The attacks, while enormous, weren't unprecedented. What made the latest round different was not only the size of the thefts, but that they were apparently done with pre-packaged tools tailored to the specific job.

"During the last few years we have seen a notable rise in the malware families POSCardStealer, Dexter, Alina, vSkimmer, ProjectHook, and others, many of which are available for purchase online," said the report.

McAfee said Target uses a custom-built POS application, which means that the attackers could not learn the system offline, via readily available leaks of commercial POS applications. McAfee said that although the malware that attacked Target was based on a known entity called BlackPOS, it had several customized capabilities that allowed it to behave in a certain way once inside Target's environment.

McAfee analysts said the attacks were "far from advanced," but noted that the off-the-shelf, family of BlackPOS malware shows that such packages can easily be modified and redistributed with little programming skill or knowledge of malware functionality. In the past, BlackPOS source code has also been incorporated into Zeus/Citadel, Gh0st, Poison Ivy, and many other kits, showing that almost anyone can employ, modify and use them for nefarious purposes.

“Cybercriminals don’t have to be technical experts to get the job done,” Flynn said. “In fact, they only need a credit card.”

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.