CaaS/MaaS – Crime as a Service/Malware as a Service

Technology has always proven to be a double-edged sword throughout history; as the world improves technology standards and efficiency, so do the bad guys. The latest iteration of threats come in the form of what we know today as SaaS, but are re-engineered for malicious purposes and redefined as CaaS (crime as a service). As a result, this expands the capabilities of non or semi-technical malicious actors to achieve professional grade attacks at the click of a button. The most common offerings in these services include: phishing and exploit kits, obfuscated malware, DDOS services, etc.

What does this mean for our organizations and the security teams that support them? The most glaring assumption would be an increase malicious activity. There are statistics that support this assumption and can be correlated back to CaaS services becoming publicly available. I believe the most significant concern with CaaS is enabling scenarios like disgruntled employee attacks or corporate spying. Most cyber criminals are motivated by monetary gain, and with the simplicity of CaaS, it will enable less-common motivators to become more prevalent. Likewise, CaaS raises some major concerns as it is well understood that a targeted attack, especially one from the inside, is difficult to thwart.

The best way to mitigate such attacks or any others is to stay vigilant. Understand the latest culture of threats and build defenses appropriately. Always use best practices and implement a security program and stack to address the threat landscape. Most importantly, monitor internal events for anomalous activity. Sometimes we get lost in the ‘defend the castle’ ideology, and rarely consider the trojan horse. It will be of some use to understand the offerings that are available to malicious actors. There are plenty of sources on the deep web to help, and we have provided guidance for access below.

Curious on how to access the deep web?

  1. Subscribe to an anonymous VPN service. I use and recommend IPVanish
    1. https://www.ipvanish.com/
  2. Download TOR
    1. https://www.torproject.org/download/download.html
  3. Launch your TOR browser or use the Firefox extension and go to fi (deep web search engine)

 

For further discussion on the deep web or how your organization should address CaaS, contact Rick at rbos@wcapra.com.