BENGALURU: Despite recent crackdowns by law enforcement agencies on underground forums like Genesis and Breached, experts warn that cybercriminal activities are unlikely to stop. Darshit Ashara, Head of Research at cybersecurity firm CloudSEK, says that while such crackdowns may cause a temporary ripple effect, new criminal shops will eventually pop up in other forms.
In an exclusive interview, Darshit Ashara discusses the future of underground forums, how law enforcement agencies can prevent them from re-emerging, and what individuals and organizations can do to protect themselves from becoming victims of cybercrime.
Q: What do you think is the future of such platforms after the crackdown? Do you think they will resurface in some other form?
Darshit Ashara: There are multiple criminal shops similar to Genesis that are still operational. While there might be an arrest on one shop, others will definitely pop up, either in the form of a website or a private group operated over forums/Telegram, but they definitely will.
Q: How do you think the users of these underground forums will be affected by the crackdown? Will they move to other platforms or quit altogether?
Darshit Ashara: If you check historically, there were several crackdowns on underground forums, and with each iteration, there is a change in individuals operating and opening up discussion forums with new names. For some time, there is a huge shift of cybercriminal discussions moving to private communication/discussion channels such as Discord, Telegram and more. While the crackdown helps in catching a set number of cyber criminals, the really smart ones learn from other people’s arrests and make sure to follow the right Operational Security practice.
Q: From a law enforcement point of view, how effective do you think this crackdown has been in curbing cybercriminal activities?
Darshit Ashara: These crackdowns do cause a ripple effect or downtime in the market, but there are lots of individuals ready to replace the current set of cyber criminals who are either financially affected or repressed in the real world, so they chose the digital world to unleash that power.
Q: What measures do you think law enforcement agencies should take to prevent such underground forums from emerging again in the future?
Darshit Ashara: It is really difficult for law enforcement agencies, but many of these underground forums start under the disguise of freedom of speech or start with low-level/petty offerings, which law enforcement would ignore.
Q: How do you think cybercriminals will respond to this crackdown? Will they find new ways to conduct their activities?
Darshit Ashara: It is and has been a cat-and-mouse game between cybercriminals and law enforcement. In recent times, the trend has been to operate in trusted groups operating on a variety of Internet Messaging channels.
Q: In your opinion, what are the most common types of cybercriminal activities that are carried out on underground forums like Genesis and Breached?
Darshit Ashara: On Genesis, the customer base varied from criminals operating as initial access brokers, ransomware operators and business email compromise scammers to those involved in financial frauds, i.e., monetizing from bank accounts, and more. While on Breached, the age group of cybercriminals is quite young, and they were primarily focused on exfiltrating databases and credentials, either for financial gain or reputation.
Q: How can individuals and organizations protect themselves from becoming victims of cybercrime?
Darshit Ashara: On an individual level, make sure not to reuse the same password on different online services, and do not trust file downloads or links that are offered in the disguise of cashback/reward, or messages/calls that declare urgency to share personal information or credentials. And recently we have had a pattern where cybercriminals are targeting individuals trying to download paid software for free, which is causing a tremendous amount of malware infection.
As for organizations, the above methods should be provided in the form of training to employees, while trying to implement a zero-trust policy, data governance, and access control on who has access to what kind of information.