You\u2019ve likely heard of software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), and numerous other \u201cas-a-service\u201d platforms that help support the modern business world. What you may not know is that cybercriminals often use the same business concepts and service models in their own organizations as regular, non-criminal enterprises; i.e., the same practices the majority of their intended victims use.
As senior threat research analyst Kelvin Murray explains to Joe Panettieri, editor of Channel E2E and MSSP alert, in our most recent Hacker Files podcast, cybercrime-as-a-service \u201cessentially follows the same path as most as-a-service things in business.\u201d He goes on to explain, \u201cIf you were a small company in 2002 and needed to set up email, you\u2019d set up a mail server, a mail relay, mail clients, and you might hire an email admin. And then you might have to set up things like spam filters yourself. People like Microsoft figured out that they could just provide all of [these services] from a web page and rent it out to companies and take all the hassle out of companies\u2019 hands.\u201d That\u2019s the as-a-service model in a nutshell.
According to Kelvin, a very similar thing happened in the cybercriminal space. Effectively, talented criminals who\u2019ve written successful malicious code have begun renting access to their own cybercrime \u201csolutions\u201d to lower-level criminals who either don\u2019t have the resources or know-how to design, write, and execute cyberattacks on their own.
Of course, the people providing the so-called service don\u2019t do so out of any goodness in their hearts; they do it for a cut (sometimes a significant one) of any profits made in an attack that uses their code.<\/p>\n\n\n\n