6 Market Behaviors, Cybersecurity, and Crime - Future Trends in Behavior, Targets, and Capabilities
Pages 33-44


From page 33...
... He noted that his work focuses on economics as well as some of the social factors that allow people to build networks of common interest.
From page 34...
... Savage explained that his team's work often involves engaging directly with these open markets or with criminals in order to develop more opportunities to observe what is happening. He said that with sufficient observation, his team may discover a leak (some ground truth) [Margin note: Empirical analysis of cyber crime and cybersecurity]
From page 35...
... They require the entity signing up to do something that is difficult for computers to solve automatically but easy for humans to do. Adversaries attempting to bypass CAPTCHAs do not do so with clever computer vision algorithms, but with outsourced human labor to places such as China, India, or Bangladesh that have low-cost labor but good Internet connectivity.
From page 36...
... Savage explained that his team added phone verification SMS challenges to the account workflow. The team was able to track the cost of bulk registrations of Google accounts versus other webmail providers.
From page 37...
... He said his team worked to associate particular websites with particular criminal organizations; a researcher went undercover and pretended to join more than half of them so that the team had ground truth. Next, the team cut a deal with a bank so that it could make purchases
From page 38...
... He described similar work with the pharmaceutical industry that shut down about 50 percent of the organizations that were selling online drugs. The European banks that were participating largely exited that market.
From page 39...
... He explained that because the team had the complete balance sheet of several of these organizations, it could see that less than two percent of the costs are replacement domains, the economics of the domain registration market. Savage turned to a more general issue regarding cyber defenses that are made public or can be seen publicly.
From page 40...
... Approximately 40 percent of users reuse passwords, he said, and 20 percent share a password with their primary email account.3 As a result, it is quite common when there is a breach of credential files that the bad actors will try to crack the password hash file using a dictionary attack (where they try all possible passwords), and then see whether they can log in to the associated email account.
From page 41...
... It did this, he said, mainly as a way to infer breach severity. If a bad actor broke into the second type of account, then either the site was not using password hashes or someone was doing a man-in-the-middle attack on account setup.
From page 42...
... He explained that generally speaking, his team is doing observational measurement studies. Dynes asked whether the team thought about designing ways to retaliate against or foil attackers directly.
From page 43...
... He said, "I think this is unfortunate because it is an enormous data set and is exactly the kind of thing that modern data mining techniques would be good at analyzing." Sara Gamberini, National Defense University, asked about the data breach project. She wondered whether, in cases where the team discovered a breach that had not been made public, it felt it had a responsibility to the general public to disclose.
From page 44...
... that means is that even if a company resets the passwords, it is not clear that the systems become safer. 44 Technology / Partnerships / Counterproliferation


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.