The malware markets make it possible for almost anyone to gain access to malicious software. Even the most advanced components, developed by some governments to create secretive espionage tools, sometimes make their way into these markets as well like the Equation Group tools built by the NSA then leaked by the ShadowBrokers. Groups targeted by government-built malware have also reused code and techniques from that same software, just as governments have reused tricks they learned from criminal groups. Highly capable criminal groups have found and leaked the source code for rival’s tools like Zeus, Carberp, and the Mirai botnet. A vulnerability identified by the NSA, and later developed into an exploit called Eternal Blue, was leaked and later integrated into the WannaCry ransomware, which spread rapidly across the globe, and the notPetya wiper, which targeted millions of computers in Ukraine, Western Europe, and the United States. These malware markets can act as a transmission belt, moving innovative malware from high to medium and even low skill groups.
The impact of this innovation is to lower the barrier to entry and make financial benefit from cyber crime that much easier. The chart above shows the change in costs associated with a breach, helping to underline the growing impact from cyber crime.