The Cybersecurity Ecosystem

This week, the main thing you should be doing is the first homework assignment. Read your assigned chapter of that book, think about it carefully, and write up your first assignment.

As you read that, I want you to think about the ecosystem that exists around the cyber attackers. In addition to the traditional front-line “hacker” role that exploits computer systems, there is a whole ecosystem of people around the hacker that often function in support roles. For criminal hackers, support roles could include the people who buy and sell stolen data, or the money mules that move extract cash from credit cards, or running the web hosting services, or so on. For nation-state hackers that work in the military, they have secretaries support specialists and whole teams helping them look up information or create specialized systems to test their attacks.

These ecosystems and the people in them are an important part of what makes cybercrime work, and cybersecurity difficult. But they also are potentially places where cyberattacks can be disrupted or influenced. One of the things we will be doing throughout the semester is paying a lot of attention to the ecosystem of people and services that exist around specific cyberattacks that support and enable those attacks.

To get us started thinking about these ecosystems, I’d encourage you to read a recent academic paper that looked in detail at three types of support services for cyberattacks: running bulletproof hosting services; herding botnets; and scanning for vulnerabilities. The paper is a really interesting description of what it is like to be one of the people doing this kind of work, and the title really summarizes their main consclusion: “Cybercrime is (often) boring”. (You can also read a news article that summarizes a bit of the paper here, though I recommend reading the whole academic paper.)

There is no quiz about the reading for this week; instead, get your assignment completed and submitted before Thursday’s class.