
Technology Black Market

Updated: Nov 29, 2022

In his article titled Cybercriminals Sell Access to Compromised Corporate Systems, Antone Gonsalves describes how cyber criminals hacked into corporate servers in order to sell access to them. He explains how dedicatedexpress.com, believed to be operated out of Russia, pays hackers a commission for the corporate servers they hack into. The hackers broke into thousands of corporate servers through Microsoft’s Remote Desktop Protocol, taking advantage of weak usernames and passwords.


This is a great example of what network security is all about. Network security administrators sometimes get lost in the details and forget the big picture. It reminds me of the classic “forest vs. trees” scenario, where it is easy to get lost in a forest if one focuses on the little trees within it. The article does not go into extensive detail about exactly how the corporate servers were hacked into. Nevertheless, network security is not necessarily about the details of network technology. At the core of network security is managing effective and efficient processes and procedures that help to secure the assets of a business or entity.


Someone once asked me the question “Is it possible for a company to truly have a secure computer network?” With somewhat of a bewildered look on my face, I responded to their question with a question. “What do you mean by secure?” I asked.  “Do you mean 100% secure, or less than 100% secure?” “…and, is less than 100% secure, truly secure?”  I asked.


In either case, it appears that protecting computer networks from cyber criminals, at any level of security for that matter, has become a grave challenge.  In hopes of identifying the root cause of the problem, it is important to know how we got to this point.


The Internet grew out of a research project in the 1960s, commissioned by the United States government [1]. In the early days, the Internet was just a private network of multiple separate networks that were joined together. The idea of a need for security in those days was beyond human comprehension. Could you imagine someone, or even the government for that matter, barricading your local public library from the public? It would be the epitome of insanity. Why would you barricade or even lock the doors of a public library to deny entry? Well, the Internet in the 1970s was like a local library that would eventually be commercialized by the 1990s [1].


International involvement, new discoveries, and advancements in network technologies over the years enabled the Internet to become a global network of networks: a global system of connected computer networks that serves billions of people worldwide [1]. People just about all over the world are now connected to each other by networks on the Internet. However, advancement in network security technology has always been a step behind new network technologies. According to Greg Brewster (Mod 2 introduction video), the Internet is not a secure place.


Given the right set of tools, coupled with weaknesses in network infrastructures, criminals can steal valuable personal information via the Internet. New advancements in network technology also give cyber criminals the ability to create new breeds of sophisticated tools to do their dirty work. Companies all across the world are in a race against time to secure their network infrastructures. Is there ever an end to this race against time? The answers to these questions are hidden beneath the surface.


In a quest to answer the befuddling network security questions of our time, researchers and crime fighters alike have begun taking frequent journeys beneath the surface into the hackers’ underworld. This proactive approach will help network security experts stay one step ahead, by learning about the cyber criminal element of human society and how to combat it.


According to Antone Gonsalves, “cybercriminals have sold a variety of hacker services in the underworld for some time. Criminals rent networks of compromised PCs and tools for building the so-called botnets. They also open marketplaces for buying and selling credit and debit card, social security and bank account numbers. However, the services from dedicatedexpress.com are the most unusual, because it rents compromised corporate systems [2].”


Dedicatedexpress.com charges its customers a $20 registration fee, which is paid via a virtual currency called WebMoney. There are around 17,000 compromised corporate computers that are currently being rented by dedicatedexpress.com. Even servers from Fortune 100 companies are currently being rented by these organized criminals. If the appropriate actions are not taken by companies around the world to secure the confidentiality of their business and customers, they will become victims of heartless cyber criminals with no guaranty of recovery or survival [2].”


According to Brian Krebs, from the article Cybercriminals Sell Access to Compromised Corporate Systems, “he found a computer for rent on dedicatedexpress.com from Fortune 100 company Cisco Systems. The credential assigned to the Windows Server 2003 system was username: Cisco; and password: Cisco [2]”.


Throughout the years, there has always been organized crime preying on individuals and businesses alike. Although technology is constantly changing, combating organized cyber crime is still the same. Criminals and crime fighters are on the same playing field. Hackers are not necessarily smarter than the network engineers who discover new breakthroughs in computer network technologies, or the network security administrators who work to secure them.

However, hackers appear to be well aware of the fact that most network and application systems were designed without them in mind. Like most criminals, hackers know that their success depends on the victim’s lack of knowledge of their network weaknesses, and on the hacker’s ability on the same platform.


Nevertheless, armed with knowledge and a hatred for organized crime, a victim can easily become a victor in this cat and mouse game, in the race against time. With the proper procedures in place, the hacking of the Cisco Systems servers alluded to earlier could have been avoided. Could you imagine a Fortune 100 company investing millions of dollars in securing their network infrastructure, only to leave the doors to their data centers open? How about putting network drawings with sensitive information (e.g. subnet mapping) in the trash can? Well, those are the equivalent of the mistakes made by Cisco Systems when they overlooked an important piece of the process.


If at all possible, network security experts should avoid being sitting ducks, on the defensive and waiting for attacks to occur. Instead, they should arm themselves with knowledge of the known weaknesses within their network infrastructure. Processes and procedures should be written and enforced that require combing through ports to identify potential weaknesses. At the end of the day, the goal of the company’s network security infrastructure program should be to work together as a whole to secure valuable assets. Period!
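As an added illustration of what such a written procedure can look like in practice (this code is not from the original post or from either cited article), the sketch below combs the results of a port scan of address space you own for open remote-administration ports such as RDP, and rejects a password derived from the username, the Cisco/Cisco case above, at the time it is set. The scan sample is constructed in nmap's grepable (`-oG`) format; the port list, hostnames and 12-character minimum are assumptions.

```python
import re

# Ports that expose remote administration. 3389 is RDP, the service abused in
# the article; the other entries are an assumed policy choice.
REMOTE_ADMIN_PORTS = {3389: "rdp", 22: "ssh", 23: "telnet", 5900: "vnc"}

# Constructed sample in nmap grepable (-oG) format, as produced by scanning
# address space you are responsible for. Addresses and names are placeholders.
SAMPLE_SCAN = """\
# Nmap scan (constructed sample)
Host: 192.0.2.10 (web01.example.test)\tPorts: 80/open/tcp//http///, 443/open/tcp//https///
Host: 192.0.2.23 (files01.example.test)\tPorts: 445/filtered/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (998)
Host: 192.0.2.40 ()\tPorts: 22/open/tcp//ssh///, 3389/closed/tcp//ms-wbt-server///
"""

def exposed_admin_services(grepable):
    """Return sorted (host, port, label) tuples for every OPEN remote-admin port."""
    findings = []
    for line in grepable.splitlines():
        # Only "Ports:" records matter; comments and "Status:" lines are skipped.
        m = re.match(r"Host: (\S+) \(.*?\)\s+Ports: ([^\t]*)", line)
        if not m:
            continue
        host, ports = m.groups()
        for entry in ports.split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) < 3 or not fields[0].isdigit():
                continue
            port, state = int(fields[0]), fields[1]
            # "filtered" and "closed" are not reachable services, so only "open" counts.
            if state == "open" and port in REMOTE_ADMIN_PORTS:
                findings.append((host, port, REMOTE_ADMIN_PORTS[port]))
    return sorted(findings)

def weak_password_reason(username, candidate, min_len=12):
    """Check a proposed password when it is set; return a reason, or None if acceptable."""
    u, p = username.lower(), candidate.lower()
    # Username check comes first so that "Cisco"/"Cisco" is reported for what it is.
    if u and p and (u in p or p in u):
        return "derived from username"
    if len(candidate) < min_len:
        return "too short"
    return None

if __name__ == "__main__":
    for host, port, label in exposed_admin_services(SAMPLE_SCAN):
        print(f"REVIEW {host}: {label} ({port}/tcp) is reachable")
    print("Cisco/Cisco ->", weak_password_reason("Cisco", "Cisco"))
```

Each finding is a prompt for the owner of that host to justify the exposure or close it, which is the enforcement step the procedure needs.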



