types of highly effective HACKERS - MicroAge · points into its networks, or “denial of...
27
7 types of highly effective THE Highly Effective Approaches to Cybersecurity HACKERS
Transcript of types of highly effective HACKERS - MicroAge · points into its networks, or “denial of...
7types of highly effective
THE
Highly Effective Approaches to Cybersecurity
HACKERS
Digital transformation is impacting every aspect of
business—shaping growth, transforming products,
optimizing operations, and empowering employees.
But with these extraordinary opportunities comes
many questions about how IT leadership can effectively
evolve their organizations, while still securing their data
against the threat of increasingly severe cyberattacks.
THE THREAT LANDSCAPE. The rapidly dissolving IT
perimeter has created new targets for hackers. And hackers
are becoming much more skilled and organized. As a result,
there’s been an unprecedented rise in the number, sophis-
tication, severity, and financial impact of different attack
vectors around the world. Threats now range from trouble-
making teenagers hacking alone on their laptops for brag-
ging rights, to highly organized criminal collectives with
the power to threaten national and international security.
2Introduction
THE GOOD AND BAD NEWS. Let’s start with the
bad news. Due largely to the seven different types of
hackers outlined in this e-book, the rate of cybercrime
is increasing exponentially. Millions of dollars of
intellectual property are at risk, as well as the threat
of lost productivity. The good news is that your organiza-
tion doesn’t have to fight these criminals alone. While the
reality is clearly daunting, thanks to its sheer size and scope
worldwide, Microsoft is uniquely positioned to help
you do something about it.
Because of the massive scale of information that
Microsoft processes—billions of device updates and
hundreds of billions of emails and authentications for
example—we’re able to synthesize threat data far faster
than your organization could ever do it alone.
– Microsoft Blog “Microsoft’s unique perspective on
cybersecurity.” June 24, 2016.
[Our] unique insight into the threat landscape, informed
by trillions of signals from billions of sources, create an
intelligent security graph that we use to inform how we
protect all endpoints, better detect attacks, and accelerate
our response.
– Microsoft’s Chief Information Security Officer
Bret Arsenault, 2015 - Microsoft Blog “Enterprise security
for our mobile-first, cloud-first world.” November 17, 2015.
3Introduction
600%Attachment-based
URL-deliveredmalware attacks
vs.
from mid-2014 to 2015(Proofpoint, 2015)4
There was a
increase in
$209MILLIONwas stolen in the
first quarter of 2016
using
CYBERTHREATS and
RANSOMWARE
( FBI report, April 2016)6
In the U.S. alone,
2,400RANSOMWAREwere reported to the
Internet Crime Complaint
Center for 2015—at a cost of
$24 MILLION(FBI Press Release, 2016)1
complaints of
CYBERCRIMESURPASSEDall other forms ofcrime in the U.K.(Dark Reading, June 2016)3
According to the National Crime Agency (NCA), in 2016,
IN 2015
594MILLIONpeople worldwidewere victims ofONLINE CRIME
(2016 Norton Cybersecurity Insights Report)5
There’s a newidentity fraudvictim every
2(Javelin, 2015)2
SECONDS
Cybercrime statistics
are staggering
4Cybercrime Statistics
Script KiddiesOften bored teens, hacking alone,
don’t put much time or thought
into gaining computer knowl-
edge on their own and instead
exploit existing code.
WHAT MOTIVATES THEM. Thrill seekers,
these budding criminals mostly hack for fun,
recognition, and bragging rights. But that
doesn’t mean they can’t pose a serious threat.⁷
5Script Kiddies
TOOLS OF CHOICE. Because they often lack the skill to
write their own code, they instead cut and paste code or
scripts developed by others to cause trouble for their victims.
Among the most damaging tools used by script kiddies are
rootkits, which allow them to solidify their hold on systems
once they’ve broken in.
TARGETS. Script kiddies often scan the internet for a
victim computer with a specific vulnerability to leverage
their limited skill set. The newest generation of rootkits
actually replaces pieces of your kernel in RAM, where it
takes control of your system.⁸ THE BEST PROTECTION. Because script kiddies usually
lack technical skill, they tend to be sloppy and often leave
evidence of their work. Your best security plans are:
Stop them from getting in the door in the first
place by keeping your security up to date and
deploying intrusion detection systems.
Implement tools like chkrootkit Rootkit Hunter
to tackle the more challenging rootkit problem.
Be proactive and set your security measurements
up ahead of time so they can offer advance warning
if something goes wrong.
1.
2.
3.
6Script Kiddies
STATS. Although they’re difficult to track, it’s estimated
that there are millions of script kiddies at work around the
world. And, although they’re the most inexperienced and
immature on our scale of hacker types, they can cause as
much damage as their more savvy counterparts.⁹
Hacking GroupsA loose collection of script kiddies who wield
more power as a collective than as individuals
and can seriously disrupt business.
WHAT MOTIVATES THEM. While disregarded by some for the
same reasons as script kiddies, these hackers, working together,
glean confidence from their status as a collective and have the
potential to wreak a great deal more havoc, often leveraging the
combined range of skills within their group to be more effective.
7Hacking Groups
TARGETS. Currently, hacker groups typically
focus on releasing sensitive documents and
personally identifiable information. These
attacks have the potential to result in serious
harm, particularly to high-profile companies,
law enforcement, and government personnel.
One famous hacker group is LulzSec, known
for well-publicized attacks on the CIA and the
U.S. Senate in 2015.
STATS. Clearly, the range of damage hacker
groups can do varies widely, but even seemingly
harmless pranks can have potentially disastrous
effects. For example, on April 23, 2013, a single
tweet from the hacked account of the Associated
Press led to a $136 billion drop on the S&P
500 index within approximately two minutes.10
THE BEST PROTECTION. A basic 5-step
plan is helpful against ALL forms of criminal
cyberthreats:
1. Invest in defense, including intrusion
detection and protection.
2. Plan a response strategy to uniquely
address each type of attack.
3. Institute solid HR policies to protect
against insider threats.
4. Deploy a solid incident response platform.
5. Document and share attack reports across
the IT department.
8Hacking Groups
WE ARE EVERYWHERE
#HACK
HacktivistsCollectives of savvy, politically motivated,
and often exceptionally skilled hackers.
They’re fighting a war and cybersecurity
is their weapon of choice.
WHAT MOTIVATES THEM. Grounded in hacker
culture and ethics, hacktivist goals are often inspired
by a passionate commitment to free speech, human
rights, or freedom of information.
9Hacktivists
?
WE ARE EVERYWHERE
#HACK
TOOLS OF CHOICE. In many cases, hacktivists use
the same tools and techniques as regular hackers.
However, because their goal is attention rather than
financial gain, there are some significant differences.
DNS tunneling, for instance, exploits a target’s servers
that convert IP addresses to domain names as entry
points into its networks, or “denial of service” (DoS)
attacks, which act as distraction while the attackers
work to access another part of the network. These,
along with hijacking websites and taking over Twitter
accounts and Facebook pages, allow hacktivists to steal
and disclose sensitive information they illegally access.
In fact, more than any other type of hacker, hacktivists
often leverage social media to generate publicity and
support for their efforts.11
TARGETS. They might leave a highly visible message
on the homepage of a site that represents a political
affiliation the hackers oppose. Or they may disrupt traffic
to a high-profile site that will cause a stir and get people
asking questions, thereby giving them the opportunity
to state their case.
For example, Anonymous, the best-known hacktivist
group, has launched attacks against child-porn sites,
Koch Industries, Bank of America, NATO, and various
government websites. Interestingly, in almost 75 percent
of cases, hacktivist targets are warned ahead of time
of the impending attack, something that rarely if ever
happens with financially motivated hacks.12
10Hacktivists
#HACK
STATS. Most of the cyberattacks performed by hacktivists
are illegal under domestic crime statutes. Few cases, however,
reach the point of prosecution, in part because the damages are
usually minor. However, with nationalist groups getting in on
the action, the problem is growing. In 2012, of the 177 million
records stolen by hackers, 100 million were taken by hacktivists.
THE BEST PROTECTION. Several leaders of prominent
hacktivist groups have argued that it’s actually quite simple to
Stay off their radar, conduct business ethically, and be so-
cially responsible. But the truth is, organizations need to
take real precautions as the scale of hacktivism expands
exponentially year over year.
Put multiple layers of security controls in place, so that
something that breaches one layer is less likely to get
through to another.
Ongoing education and awareness efforts are also
crucial. Informed and proactive people are the first line
of defense against any of these criminals.
1.
2.
3.
11Hacktivists
Black HatProfessionalsThese are highly experienced hackers who
do this work for a living, bringing decades
of extensive computer knowledge to the
table. They generally neither destroy nor
seek publicity but figure out new ways to
infiltrate impenetrable targets, developing
avenues of attacks that often prove costly
for both governments and businesses.
WHAT MOTIVATES THEM. A broad range of incentives
and goals attract hackers at this elite level, including mon-
ey, revenge, public attention, bragging rights, access to
valuable data, and even mere amusement.
12Black Hat Professionals
TARGETS. Black hats target applications,
networks, computer systems, infrastructure
and, occasionally, even people. Their victims
include companies with valuable intellectual
property, financial organizations, any company
with sensitive data to exploit, and even, maybe
most distressing, hospitals and other
healthcare facilities.13
TOOLS OF CHOICE. Their purpose is to breach
or bypass internet security, break into computers
and networks, and also create computer viruses.
While regular hackers build things, black hat
professionals (also known as “crackers”) break
things, maliciously exploiting security vulnerabil-
ities that frequently threaten the personal and/or
financial information of millions of customers.
13Black Hat Professionals
STATS. To offer a glimpse into the power of a single black
hat hacker, consider this: American hacker, “c0mrade”, man-
aged to hack into a number of networks, including those
belonging to NASA. He downloaded enough source code
to learn how the International Space Station worked. The
total value of the downloaded assets was worth millions.
To make things worse, NASA was forced to shut down its
network for weeks while they investigated the breach.
THE BEST PROTECTION. Ironically, one of the most
effective strategies to defend your organization from a
Black Hat professional, is to engage a member of their own.
Engage the services of a “white hat”—an ethical hacker
with similarly comprehensive skills who puts them to
work testing vulnerabilities, exploits, and viruses and
reporting them to potential target organizations so
they can breach any holes and strengthen their overall
security position.
Maintain good security hygiene across your network.
Enforce good configuration policy. Ensure systems are
protected by firewalls. Enforce password best practices.
1.
2.
14Black Hat Professionals
Organized Criminal GangsLed by seasoned professional criminals,
these serious and very talented hackers
function within a sophisticated struc-
ture, guided by strict rules to ensure their
crimes go undetected by law enforcement.
It’s like The Mafia, only with computers. In
fact, a large number of black hat hackers
are affiliated with organized crime.
WHAT MOTIVATES THEM. Forget the image of a
17-year-old hacker, working alone in his parents’ basement;
instead, picture sophisticated and organized cybercriminals
who choose this way of life as a profession. They’re driven
by the immense amounts of money they can make at this
level, and how much “easier” cybercrime is relative to more
traditional criminal activity.
15Organized Criminal Gangs
TOOLS OF CHOICE. These highly experienced
developers have deep knowledge and years of expertise
that enables them to constantly innovate their malware
and attack tactics.
TARGETS. Every kind of cyberattack mentioned above
and many more you can’t imagine. These professional
crime rings often launch their attacks on Friday evenings,
after work hours, so their infiltration is more likely to go
undetected for longer—and therefore do more damage.
A few years ago, these hackers were stealing money in the
five-figure range; today these brazen cybercriminals are
stealing millions of dollars at a time.
STATS. We’ve reached the point where highly organized
criminal gangs are generating about 80 percent of
cybercrimes. Unlike other types of hackers, they keep
office hours and take weekends off, treating their nefarious
activities just like regular jobs. But when they turn out the
lights, they flip the switch on the kinds of data breaches
that, according to a 2015 Cost of Data Breach Study by the
Ponemon Institute, cost an average total of $15 million per
year. And cybercrime is forecast to become a $2.1 trillion
problem by 2019.14
16Organized Criminal Gangs
THE BEST PROTECTION. The scale and sophistication
of modern cybercrime is unprecedented. Protecting your
organization from this rapidly evolving threat will require
a new holistic approach to cybersecurity. Alongside this
new approach, there are ways you can improve your
security today.
17
Maintain best practices for organization security
and stronger architecture.
Additionally, the open and rapid sharing of infor-
mation offers the best protection against this
level of cyberthreat.
Stay up to date on the latest information about
cyberthreats, including tools, tactics, and procedures.
1.
2.
3.
Organized Criminal Gangs
Nation-StatesThis is organized cybercrime at the inter-
national level, using hacking techniques as
military, political, and economic weapons.
WHAT MOTIVATES THEM. Nation-states are more inter-
ested in political and economic espionage — stealing state
secrets, intellectual property, and the personal information
of government employees — than simply making money.
A recent example was the hack of the U.S. Office of Personnel
Management, which put at risk the personal information
of up to 14 million current and former federal employees.15
18Nation-States
TOOLS OF CHOICE. Spear phishing, credential harvest-
ing, malware, records theft, and complex techniques for
evading detection... The list is sophisticated and seemingly
endless. The most talented and ruthless hackers are put to
work by nation-states to do the dirty work while the
government officials who employ them remain officially
unsullied. U.S. and European defense officials have charged
that nations such as Russia and Iran are increasingly arm-
ing and encouraging criminal and activist groups with the
cyberweaponry necessary to harm their enemies, without
taking official responsibility for the crimes.
TARGETS. With massive computing power at their
disposal, nation-states target critical infrastructure,
military, utilities, or financial sectors of their adversaries.
In May 2016, the FBI issued a warning that foreign
government hackers are actively targeting the U.S.
The report read, “Advanced Persistent Threat (APT)
cyber actors continue to target sensitive information
stored on U.S. commercial and government networks
through cyber espionage.”16
19Nation-States
STATS. Because nation-state–supported hackers are
extremely well funded, they can be particularly formidable
adversaries. As a result, nefarious nation-state–sponsored
cyber activity can have devastating effects on a country’s
national security and its economy. According to Forrester
research, “...all nation-states are not created equal, and like
individual hackers, each has a different motivation and
level of cyber capability.”17
THE BEST PROTECTION. Most organizations are far
more likely to experience the other kinds of cybercrime
detailed here than have to deal with nation-state activity.
However, as always there are ways to improve your organi-
zation’s network security.
20
Know your network. Address easily exploitable
vulnerabilities and encrypt all confidential data.
The FBI has advised network administrators to engage
in “proactive patch management” as the main line
of defense.
1.
2.
Nation-States
The Cyberweapons DealerA more seasoned criminal who sells
automated pieces of software that act
like weapons, mostly to nation-states
or organized crime rings, but really
to anyone who can afford them.
WHAT MOTIVATES THEM. Money. A lot of it.
TOOLS OF CHOICE. The dealer arms attackers with a
foundational piece of software that acts like a worm virus,
which they then use to build their weapons without
advanced coding skills. Because it’s so much easier to
customize a preexisting tool than to start from scratch,
these tools are worth a lot of money to attackers. And
a well-crafted piece of software can be used by any one
of the other six cybercriminal types.
21Cyberweapons Dealer
TARGETS. The weapons peddled by these dealers target
vulnerabilities in software that haven’t been discovered by
their manufacturers. Nation-states often use those same
virtual holes to gain under-the-radar access into foreign
computer systems for the purposes of eavesdropping or
even taking control of the systems themselves.
TOOLS OF CHOICE. One example of a dangerous cyber-
weapon is the malicious Dorkbot botnet. It infects over
100,000 devices each month and has owned over a million
PCs in 190 countries. In December of 2015, thanks in part
to its sophisticated security software that detects and re-
moves the virus (often before users are even aware they’ve
been targeted), Microsoft teamed up with various law
enforcement around the world, including the DHS and FBI,
to disrupt the Dorkbot network.
THE BEST PROTECTION. Once again, you need to get in-
side the minds (and skillsets) of the criminals to fight them
effectively. A 2014 Rand study found that computer securi-
ty companies and software vendors often pay researchers
a bounty for cyberweapons, so they can take them off the
market before they’re used for attacks. But the dealers can
earn 10 to 100 times more on the gray markets, where gov-
ernment and agencies and corporations are the big buyers,
as well as on the black market where criminals conduct
their business.18
22Cyberweapons Dealer
We’ve taken a high-level threat assessment
of seven different but dangerous attackers.
Securing organizations from rapidly evolving
threats and mitigating the risks associated
with the digital world that we live in requires
a new approach to cybersecurity. One of the
best ways to protect your data is to move it
into Office 365 and take advantage of the
expertise Microsoft can deliver.
OFFICE 365 SECURITY. Microsoft takes
extensive measures to protect your data
in Office 365. Our investment in security
resources is among the best in our industry,
and we are constantly looking for new,
innovative ways to protect your data.
Microsoft continuously invests in advanced
security tactics, it has world-class security
experts, and the datacenters have incredible
investments in physical security features.
Security is a journey not a destination.
Knowledge and preparation are power.
23
One security innovation utilized by Microsoft is
Red Teaming, a type of wargame that leverages
actual attacks to test Microsoft’s systems and
operations. These real-life attacks are launched
by our internal Red Team and defended against
by our Blue Team. By simulating actual attacks
against Microsoft services, we can better antici-
pate and protect against threats to your data. Red
Teaming is just one part of our overall approach
to security. Our defense in-depth strategy lever-
ages six layers of security to protect your data
from attackers. These layers are physical, network,
identity, host security, application-level security,
and data security.
DATACENTER PHYSICAL SECURITY. Office
365 data is stored in Microsoft’s network of
datacenters, strategically located around the
world. These datacenters are built from the
ground up to protect services and data from
harm by natural disaster or unauthorized access.
Datacenter access is restricted 24 hours per day
by job function so that only essential personnel
have access to customer applications and ser-
vices. Physical access uses multiple authentication
and security processes, including badges and
smartcard, biometric scanners, on-premises
security officers, continuous video surveillance,
and two-factor authentication. The datacenters
are monitored using motion sensors, video sur-
veillance, and security breach alarms. To prepare
for a natural disaster, the datacenters use seismi-
cally braced racks where required and have auto-
mated fire prevention and extinguishing systems.
DATACENTER NETWORK SECURITY. Networks within Office 365 datacenters are
segmented to provide physical separation of
critical back-end servers and storage devices
from the public-facing interfaces. Microsoft
Edge router security detects intrusions and
signs of vulnerability. Customer connections
are encrypted using industry-standard Transport
Layer Security (TLS)/Secure Sockets Layer (SSL).
The use of TLS/SSL establishes a highly secure
client-to-server connection to help provide data
confidentiality and integrity between the desk-
top and the datacenter.
IDENTITY AND ACCESS CONTROL. In this
digital world filled with hackers, it is critical for
customers to be able to control who can access
data and how they can use it. Office 365 is
integrated with Active Directory, Azure Active
Directory, and ADFS. This integration provides
strong authentication and granular control over 24
to the secondary datacenter as one of the
recovery mechanisms.
The throttling mechanisms in Exchange Online
and SharePoint Online are also important tools that
defend against DDoS attacks. Exchange throttling
for users is based on the amount of Active Directo-
ry, Exchange store, and other resources that a user
consumes.
DATA SECURITY. Office 365 is designed to host
multiple tenants in a secure way through data iso-
lation. Data storage and processing for each tenant
is segregated through Active Directory and capabil-
ities specifically developed to help build, manage,
and secure multitenant environments.
Within Microsoft datacenters, staff’s access to
the IT systems that store customer data is strictly
controlled via role-based access control (RBAC)
and lockbox processes. Access control is an auto-
mated process that follows the separation of duties
principle and granting least privilege. Engineers
request access for particular tasks into a lockbox.†
The lockbox process determines the duration
and level of access.
how IT professionals and users can access and
use the service.
HOST SECURITY. Antivirus and antispam
protection is delivered through Exchange
Online Protection and Advanced Threat Pro-
tection.* These services deliver comprehensive
protection against known malware and zero-day
attacks. They are easy to use and deliver granular
controls.
APPLICATION LEVEL. Office 365 services
are intentionally built to support a very high
load and to protect and mitigate against appli-
cation-level DDoS (distributed denial-of-service)
attacks through the implementation of throt-
tling, a scaled-out architecture, regional isolation,
and high-performance components.
We also leverage our global presence to
distribute attacks across a vast surface area.
Customer data is replicated to redundant
datacenters in a primary/backup fashion.
The distribution of data in multiple datacenters
reduces the affected surface area in case one
datacenter is attacked. The services in the
affected datacenter can be quickly failed over
25
* Available in Office 365 Enterprise E5 or as a standalone † Customer Lockbox Available in Office 365 Enterprise E5 or as a standalone
Customer data in Office 365 exists in two states:
at rest on storage media and in transit from
Office 365 over a network to a customer
device. Office 365 allows encryption of data in
both states to make it unreadable to unautho-
rized parties. All email content is encrypted on
disk using BitLocker 256-bit AES Encryption.
With all of the potential threats out there,
don’t try to protect your data on your
own. Take advantage of the expertise that
Microsoft delivers with Office 365.
Download Empowering Employees in a Digital World E-book to learn how to get a secure, productive workforce with enterprise cloud services.
Watch this episode of Modern Work-place, Inside Security: Help Keep Your Organization Safe, to learn how you can protect your organization from cybersecurity attacks.
¹ Anderson, Vicki D. (Special Agent). “Ransomware: Latest Cyber Extortion Tool.” FBI Cleveland. April 26, 2016. https://www.fbi.gov/contact-us/field-offices/cleveland/news/press-releases/ransomware-latest-cy-ber-extortion-tool
2 Pascual, Al. “$16 Billion Stolen From 12.7 Million Identity Fraud Victims in 2014, According to Javelin Strategy & Research.” Javelin. March 3, 2015. https://www.javelinstrategy.com/press-release/16-billion-sto-len-127-million-identity-fraud-victims-2014-accord-ing-javelin-strategy
3 Yasin, Rutrell. “Cybercrime Now Surpasses Traditional Crime In UK.” Dark Reading. June 8, 2016. http://www.darkreading.com/threat-intelligence/cybercrime-now-surpasses-traditional-crime-in-uk/d/d-id/1326208
4 Proofpoint Staff. “Proofpoint Threat Report: Top Trends of 2015 So Far.” Proofpoint. August 13, 2015. https://www.proofpoint.com/us/threat-insight/post/Top-Trends-of-2015
5 “Norton Cybersecurity Insights Report”. Norton. 2016. https://us.norton.com/norton-cybersecurity-in-sights-report-global?inid=hho_norton.com_cybersecu-rityinsights_hero_seeglobalrpt
6 “2015 Internet Crime Report.” FBI. 2016. https://pdf.ic3.gov/2015_IC3Report.pdf
Sources⁷ Wlasuk, Alan. “Help! I Think My Kid Is A Script Kiddie.” Security Week. January 13, 2012. http://www.securityweek.com/help-i-think-my-kid-script-kiddie
8 LeBlanc, Dee-Ann. “How to Protect Yourself Against Script Kiddies.” Information Week. August 6, 2004. http://www.informationweek.com/how-to-protect-yourself-against-script-kiddies/d/d-id/1026655
9 “What Is A Script Kiddie?” Security News. http://www.pctools.com/security-news/script-kiddie/
10 Ibid.
11 Greenberg, Andy. “Verizon Study Confirms 2011 Was The Year Of Anonymous, With 100 Million Users’ Data Breached By Hacktivists.” Forbes. March 22, 2012. http://www.forbes.com/sites/andygreen-berg/2012/03/22/verizon-study-confirms-2011-was-the-year-of-anonymous-with-100-million-credentials-breached-by-hacktivists/#86e7cdf1f227
12 Ibid.
13 Samani, Raj. “What Morpho Means: Why Hackers Target Intellectual Property And Business-Confiden-tial Information.” Dark Reading. June 13, 2015. http://www.darkreading.com/partner-perspectives/intel/what-morpho-means-why-hackers-target-intellec-tual-property-and-business-confidential-informa-tion/a/d-id/1321275
14 “2015 Cost Of Cyber Crime Study: United States”. Ponemon Institute. October 9, 2015. http://www.ponemon.org/library/2015-cost-of-cyber-crime-unit-ed-states?s=+cost+of+cyber
15 Armerding, Taylor. “Cybercrime: Much More Or-ganized”. CSO. June 23, 2015. http://www.csoonline.com/article/2938529/cyber-attacks-espionage/cyber-crime-much-more-organized.html
16 FBI. “Vulnerabilities And Post Exploitation IOCs For An Advanced Persistent Threat.” FBI Flash. May 11, 2016. [PDF]
17 Walls, Mike. “Nation-State Cyberthreats: Why They Hack.” Dark Reading. January 8, 2015. http://www.darkreading.com/informationweek-home/nation-state-cyberthreats-why-they-hack-/a/d-id/1318522
18 Ablon, Lillian and Martin C. Libicki, Andrea A. Golay. “Markets For Cybercrime Tools And Stolen Data.” Rand National Security Research Division. 2014. http://www.rand.org/content/dam/rand/pubs/research_reports/RR600/RR610/RAND_RR610.epub
©2017 Microsoft CorporationAll rights reserved.
