A field experiment to examine objective cybercriminal behavior in an access-as-a-service marketplace: trust signals, target selection, and attack techniques

• In Event: Cybercrime Offenders & Victims I

Abstract

Cybercrime-as-a-service has made cybercrime more accessible. Whereas cybercriminals once needed extensive knowledge, complex infrastructure, and specialized skills, they can now launch sophisticated attacks using ready-made services. Illicit marketplaces offer a wide range of such services at varying prices, yet little is known about what drives offenders’ choices. This presentation introduces a novel experimental design that aims to examine how trust signals on an access-as-a-service platform that mimics a real-world illicit marketplace influence the target selection of virtual machines, and how potential cybercriminals behave in the compromised systems offered there. A pilot study serves as a proof-of-concept of the necessary infrastructure and provides insight into the type of data that can be collected, as well as the research questions that can be answered with this research design.

Authors

• Asier Moneva, Netherlands Institute for the Study of Crime and Law Enforcement (NSCR); The Hague University of Applied Sciences

• Yasen Yalamov, Eindhoven University of Technology

• Roy Ricaldi, Eindhoven University of Technology

• Michele Campobasso, Forescout Technologies

• Luca Allodi, Eindhoven University of Technology

• Hannah Kool, NSCR

• Rutger Leukfeldt, NSCR