The Hackers’ Bazaar -- Why Heartbleed is just the beginning.

In today’s ever expanding online landscape, new cyber threats are emerging with startling frequency. The latest is called Heartbleed, and it compromises the security infrastructure of tens of thousands of servers and puts at risk the data of millions of users. Heartbleed provides a ripe playground for cybercriminals to exploit unassuming users and unpatched websites. How damaging could this latest bug be? The answer may lie within the secret, dark recesses of the Internet where so-called black hat hackers buy, sell and trade the tools and services they use to exploit critical vulnerabilities like Heartbleed to steal the precious data of businesses, governments and individuals.
Cyber insecurity comes in many forms. Heartbleed comes hot on the heels of the December 2013 hack of retail giant Target, in which 40 million credit cards and 70 million user accounts were hijacked. Within days, the stolen data appeared on black markets that specialize in hacking tools, hacking services and the fruits of malicious hacking. The Target event was no anomaly, nor was it even the largest such breach on record – that honor goes to the 2009 data breach of Heartland Payment Systems, which reached roughly 130 million stolen records — yet it is a timely reminder that cybercrime is prevalent and increasingly and inextricably tied to a growing and maturing underground economy.
In the last 10-15 years, these black markets for cybercrime tools and stolen data have grown and matured by leaps and bounds, in terms of the size of markets, the number of participants and the amount of goods available. In 2006, for instance, only one new exploit kit – a software tool that can help create, distribute and manage attacks on systems – came onto the market; in 2013, 33 new ones emerged, according to researchers who closely monitor the development of exploit kits. The goals have changed too: In the early 2000s, the hackers that were creating viruses and worms mainly wanted the approval of their peers—they tended to be after notoriety, not cash. Only a few were carrying out identity and credit card theft. Skill levels were rudimentary, and most hackers knew each other. This was the age of small ad-hoc networks of “lone wolves.”

That age ended about 10 years ago. Since then, access to computing technology has become more prevalent as the global Internet population has nearly quintupled in size. Criminal enterprises have recognized a golden opportunity to exploit users and systems with less risk than traditional crime avenues. Malicious hackers and carders can buy and sell everything from stolen personal information to credit card numbers and account credentials. CarderPlanet and ShadowCrew are two examples of early web sites set up to serve this market. But while these pioneering sites reached only a few thousand users, today’s black market sites reach tens of thousands. Carder.su, for example, had as many as 80,000 members.
Today’s cyber black markets have evolved into playgrounds of financially driven, highly organized and sophisticated groups, often connected with traditional crime organizations. For certain levels of criminals, these black markets can be more profitable and less risky than the illegal drug trade; the links to end-users are more direct, and because worldwide distribution is accomplished electronically, the requirements are negligible. In many countries, malicious hacker activity is condoned – in fact, there are even reports of Eastern European hackers with government ties.