Google’s aim is to target the support infrastructure and financial services used by criminals
Now Google Researchers and various academic institutes are formulating ways to fight organized cybercrime by targeting the support infrastructure and financial services used by threat actors to conduct illegitimate activities
The goal is to seek and dejectcriminal activity to the extent possible by making it costlier for criminals to operate, According to Kurt Thomas and Elie Bursztein, two members of Google’s Anti-Fraud and Abuse Research.
Thomas and Bursztein stated, “By studying and understanding how cybercriminals are abusing the phone verified account system to do bulk registration of fraudulent accounts, Google, for instance, has been able to make its accounts 30 to 40 percent costlier to register in the black market.”
By studying the methods used by a group of 26 underground merchants to log fake Twitter accounts, researchers at the University of California, Berkeley, George Mason University and Twitter were able to create a method for retroactively detecting the fake accounts, which was used to disable 95 percent of all fraudulent accounts.
According to Thomas and Bursztein Such measures are needed because conventional client and server-side oriented countermeasures such as personal anti-virus tools, firewalls, network packet scanners, automated software updates, and two-factor authentication only have had a limited effect in stemming cybercrime.
Each time security researchers have developed defensive measures cyber criminals have been able to circumvent them. “While these safeguards have significantly improved user security, they create an arms race: criminals adapt or find the subset of systems that remain vulnerable and resume operation.”
The increasing sophistication and commoditization of the cyber underground has made it easy for criminals from everywhere to trade in knowledge, technologies, services, and data for defrauding businesses and users.
The Google researchers stated, The availability of specialized services for buying and selling infected systems, exploit kits, spam hosting, and user records have transformed cybercrime into a massive collaborative operation among criminals.“An alternative strategy in this space is to target resource bottlenecks within the underground”, they added. The goal should be to try and make it costlier for cybercriminals to do business.