New America

What is the Impact of the Malware Markets?

What is the Impact of the Malware Markets?

The malware markets make it possible for almost anyone to gain access to malicious software. Even the most advanced components, developed by some governments to create secretive espionage tools, sometimes make their way into these markets as well like the Equation Group tools built by the NSA then leaked by the ShadowBrokers. Groups targeted by government-built malware have also reused code and techniques from that same software, just as governments have reused tricks they learned from criminal groups. Highly capable criminal groups have found and leaked the source code for rival’s tools like Zeus, Carberp, and the Mirai botnet. A vulnerability identified by the NSA, and later developed into an exploit called Eternal Blue, was leaked and later integrated into the WannaCry ransomware, which spread rapidly across the globe, and the notPetya wiper, which targeted millions of computers in Ukraine,  Western Europe, and the United States. These malware markets can act as a transmission belt, moving innovative malware from high to medium and even low skill groups.

Download PNG
Embed
<iframe width="800" height="800" src="https://newamericafoundation.github.io/newamerica-data-projects/?project=&vizId=cyber-malware__financial-impact"></iframe>

Financial Impact of the Malware Markets

The malware markets are growing in size and complexity, along with their negative financial impact.

The impact of this innovation is to lower the barrier to entry and make financial benefit from cyber crime that much easier. The chart above shows the change in costs associated with a breach, helping to underline the growing impact from cyber crime.

Prev. Section
Who is Involved with the Malware Markets?

About this Project

Computers and computer systems are becoming ubiquitous, managing everything from government databases, to grocery transactions, to activity on our own phones. However, these systems don’t come without their vulnerabilities, and their exploitation has never been in such high demand. So where does malicious software—the code designed to exploit these vulnerabilities—come from? 

This started as a project developed by Luke Heine and Brian de Luna of Harvard College in consultation with Trey Herr for CS 105: Privacy and Technology. Major credit to Kirk Jackson for his help with the graphic redesign. Additional thanks for feedback and support from the New America Cybersecurity Initiative including Rob Morgus, Joanne Zalatoris, and Ian Wallace. Thank you to Jim Waldo for the idea and Ben Buchanan for his review.

Authors

Brian de Luna is a data scientist at Airbnb. He has done a range of side projects that include data visualizations and analyses on topics ranging from malware markets to venture capital funding.

Luke Heine is a director at the Lab for Entrepreneurship and Development at the Harvard Institute of Quantitative Science. His research includes how risk is legitimised by capital and the bottlenecks of cluster formation. 

Trey Herr was a fellow in the Cybersecurity Initiative and formerly with the Belfer Center's Cyber Security Project at the Harvard Kennedy School. His work focuses on trends in state developed malicious software, the structure of criminal markets for malware components, and the proliferation of malware. 

Project Outline:

Dataset:

* If using Safari or Internet Explorer, right-click download link and select "Download Linked File"