Extorting money from unwitting internet users through sophisticated social engineering and targeted ransomware is the future of cyber crime, according to Sean Sullivan, a lead researcher at security firm F-Secure.
Sullivan has spent years conducting extensive cyber crime and malware research at the F-Secure Labs in Helsinki, and believes that extortion is the emerging motivation for online criminals.
"The future is extortion. For example, banking trojans used to be able to live on a home Windows machine in a rootkit for months and wait for you to do your monthly banking," he said.
"Now, the operating system is hardened. Windows is a good operating system and it's secure. [Attackers] only have a week or even days before an antivirus catches them or there is a patch from Microsoft. So if they get in they can't remain stealthy forever like they used to."
Sullivan said that cyber criminals now use targeted ransomware, especially to combat the banks which are improving online protection.
However, he warned that "small to medium sized businesses that move £5,000 or £10,000 pounds around are still a large target for banking trojans".
This evolution is part of a push towards a "more immediate payoff", according to Sullivan.
"Better security is making it more difficult to remain persistent in order to be a man in the middle, so it creates pressure to monetise victims sooner rather than later," he told V3.
Yet recent large-scale attacks, including the breach at Sony Pictures, continue to be financially motivated despite the smokescreen of hacktivism, Sullivan explained.
Many pointed to the North Korean government as the culprit when Sony was initially breached, blaming the release of a film called The Interview that depicted leader Kim Jong Un in a negative light. However, Sullivan is sceptical about this explanation.
"I don't think the regime started it. I think North Korea is guilty of kicking a company when it was down. This was a shake-down initially. Extortion is the future," he repeated.
Jonathan Sander, vice president of product strategy at Lieberman Software, told V3 that online extortion comes in a variety of forms.
"A small form of malware that is making large amounts of real money today is CryptoLocker. It encrypts your files, and you either pay or lose them forever. This has cost companies huge sums of money when they get a bunch of machines hit all at once," he said.
"Not as common, but just as harmful, is the use of stolen information to extort. We all know of cases where prominent politicians have been embarrassed by photos of them in states of undress.
"It's easy to picture the same situation with someone who is extorted by the cyber criminal who has the photo and simply threatens to release it. And, unlike in days past, you can't ask for the negatives and know you're safe."
The allure of financial gain
Meanwhile, F-Secure's Sullivan explained that this malware evolution has become "highly commoditised" as hackers take advantage of the dark web and anonymous bitcoin payments.
Furthermore, countries such as Russia continue to prop up hacking activity, including large botnets such as Gameover Zeus and Citadel, while the introduction of government-sponsored attacks has made online threats harder to prevent.
"Besides just worrying about completely unique malware we also have to worry about hackers combined with that," said Sullivan.
"Governments are using a lot of mercenaries. There are actual mercenaries that are coming out of the crime-ware economy who are professionals, particularly in Russia."
However, unlike the common perception that malware developers act from within political systems, Sullivan said it is in the best interests of cyber criminals, especially in Russia, to stay as far away as possible from government involvement.
"Malware guys aren't above the law [in Russia]. I think they want to stay out of sight of the law. They have IT talent so why would they operate in the open when a competitor can screw them when they could operate underground and keep the profits?" he said.
Sullivan noted that cyber crime is often a "rational" thing to do from the perspective of hackers in countries like Russia.
"The malware business to me is an economically rational thing to do when operating above board will get you sent to jail. It's a rational thing to do if you have IT talent and can do malware," he said.
Fundamental malware protection
Sullivan maintained that, despite the talk of nation state actors and underground malware marketplaces, basic cyber hygiene is the key to protection, especially against spearphishing, which remains a major entry point for criminals targeting businesses.
Security training is vital even when it comes to straightforward programs such as email and spreadsheets.
"If you do productivity training it will have security consequences. Don't assume your new employee knows how to use email well. It's an Achilles' heel to your organisation. A distracted person is a victim waiting to happen," he said.
Sullivan added that online users should create regular backups of important data. "I already have a selected amount of important pictures and data backed up because hard drives fail. I don't worry about trying to have everything backed up all of the time but just enough of the best stuff so that I won't lose everything," he said.
"If I'm protected from a hard drive failure, I should also be free to walk away from an extortion demand."
Moving into 2016
Financially motivated cyber crime is only going to get worse as we move into 2016, according to security firm Trend Micro, which estimates that criminals will increasingly take advantage of social engineering to infiltrate computers.
"Online threats will evolve to rely more on mastering the psychology behind each scheme than mastering the technical aspects of the operation. Attackers will continue to use fear as a major component of the scheme, as it has proved to be effective in the past," warned the 2016 Trend Micro Security Predictions report.
"Businesses will also fall for elaborate tricks that use new social engineering lures. We will see a significant increase in successful ploys designed to persuade employees to transfer money to a cyber criminal-controlled account.
"Reputation is everything, and threats that can ruin an individual's or a business' reputation will prove to be effective and - more importantly - lucrative."
Raimund Genes, chief technology officer at Trend Micro, told V3 that extortion is a rising problem but stopped short of branding it as the inevitable outcome for the long term.
"I wouldn't say it is the future of online crime, but it is definitely something which cyber criminals are doing more often," he said.
"In general you need to click several times to get your computer infected. And unfortunately we see careless users who ignore the warnings and become victims of ransomware - a form of extortion."
In order to protect against this type of attack, Genes told V3 that people need to use the "safeguards the operating system provides".
He added: "Be careful before you click on something and if it is from an unknown publisher, don't execute it. Use state-of-the-art malware protection and update frequently."
So while ransomware is on the rise and hackers will continue to exploit human nature, it is more important than ever to stay well informed and protected online.