Cybercrime and Espionage

Introduction
Challenges of Securing Information
Next-generation Techniques and Tools for Avoidance
Next-Generation Techniques for Detection, Identification, and Analysis Relating to Cybercrime and Espionage
References

Introduction

This paper discusses the challenges of securing information and identifies the next-generation techniques and tools for avoidance that are used in cybercrime. It then explores the next-generation methods for detection, identification, and analysis relating to cybercrime and espionage. Many setbacks confront information security, demanding that IT professionals devise new technologies for detecting and preventing information risks.

Challenges of Securing Information

Today, efforts to secure information are hampered by three major challenges: insider threats, mobile security, and ransomware. To begin with, hackers are on the rise, and their core business is remotely invading computer systems. However, in most cases the threats that companies face come from people who have detailed knowledge of them, such as employees who hold legitimate access to systems. Third parties, for example consultants and contractors, can also pose an insider threat (Knapp et al., 2006). When people associated with a company steal information, it can take the enterprise much longer to identify the source of the breach.

Moreover, once the firm becomes aware that information is being stolen, determining the extent of the problem, or how long it has persisted, can be an uphill task. A company can therefore suffer more severe damage from a breach that comes from within than from one perpetrated by outsiders. Two conditions that worsen insider threats are cost-cutting measures and a shortage of skilled staff; an affected firm may then be unable to mount an immediate incident response (Knapp et al., 2006). The smaller the budget allocated to system security, the higher the level of vulnerability.

The second challenge is mobile security. Smartphones and tablets are affordable to many people, which creates an environment in which workplace tasks are routinely performed on mobile devices. Sometimes employers issue these devices to workers, and many employees prefer to use their personal devices for work. In either case there is a security risk to the integrity of both the device and the information on it. Most companies have turned to mobile device management (MDM) and mobile application management (MAM) systems to address this challenge. These systems separate business data from personal information (Knapp et al., 2006), and in the event of theft or loss a remote wipe (a "kill switch") clears the information held on the device.

The third challenge is ransomware. Ransomware locks authorized users out of their own computers or files with the aim of extorting money from them. Small businesses and individuals are the most vulnerable targets, and the method is likely to grow more sophisticated, so the number of victims may increase in the foreseeable future. Systems linked to cloud storage are more attractive to ransomware than systems with only local storage: when the malware encrypts files in a synchronised folder of a service such as Dropbox or Google Drive, the sync client faithfully uploads the encrypted versions, which magnifies the damage. There have been cases where the cloud backup copies were overwritten in this way, so the chances of recovery become even slimmer unless the provider keeps prior versions of files (Knapp et al., 2006). Companies have embraced cloud storage because it lowers IT costs significantly; cybercriminals see the same development as an opportunity to reach and tamper with companies' data.
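Because the sync client replicates whatever the endpoint writes, the useful place to catch this is on the endpoint, before the encrypted copies reach the cloud. The following Python script is an added example, not part of the paper: it runs two simple heuristics over a stream of file-system events, a write to a canary document that no legitimate process should touch, and a burst of renames that change the extension of files inside a synced folder (the typical report.docx to report.docx.locked pattern). The folder paths, canary file name, window and threshold are assumptions, and the event stream is constructed inline so the script runs offline.

```python
import os
from collections import deque
from dataclasses import dataclass

# Assumed local paths of cloud-synced folders and of a canary document;
# adjust these to the environment being monitored.
SYNC_ROOTS = ("/home/alice/Dropbox/", "/home/alice/Google Drive/")
CANARY_FILES = {"/home/alice/Dropbox/.~canary.docx"}
WINDOW_SECONDS = 60          # sliding window for counting extension changes
MASS_CHANGE_THRESHOLD = 20   # extension-changing renames within the window


@dataclass
class FileEvent:
    ts: float            # seconds since epoch
    op: str              # "write" or "rename"
    path: str
    new_path: str = ""   # only meaningful for "rename"


def in_sync_root(path: str) -> bool:
    return path.startswith(SYNC_ROOTS)


def extension_changed(old: str, new: str) -> bool:
    return os.path.splitext(old)[1].lower() != os.path.splitext(new)[1].lower()


def detect_ransomware(events):
    """Return a list of (alert_name, timestamp) tuples.

    Signal 1: any write to a canary file nobody should touch.
    Signal 2: a burst of renames that change a file's extension inside a
              synced folder, reported once per burst.
    """
    alerts = []
    recent = deque()   # timestamps of recent extension-changing renames
    for ev in sorted(events, key=lambda e: e.ts):
        if not in_sync_root(ev.path):
            continue
        if ev.op == "write" and ev.path in CANARY_FILES:
            alerts.append(("canary_modified", ev.ts))
        elif ev.op == "rename" and extension_changed(ev.path, ev.new_path):
            recent.append(ev.ts)
            while recent and ev.ts - recent[0] > WINDOW_SECONDS:
                recent.popleft()
            if len(recent) >= MASS_CHANGE_THRESHOLD:
                alerts.append(("mass_extension_change", ev.ts))
                recent.clear()   # one alert per burst, not one per file
    return alerts


def sample_events():
    """Constructed event stream: benign activity followed by a ransomware-like burst."""
    evs = [
        # outside any synced folder: ignored
        FileEvent(50.0, "rename", "/home/alice/Documents/notes.txt",
                  "/home/alice/Documents/notes.md"),
        # inside a synced folder but the extension is unchanged: not counted
        FileEvent(60.0, "rename", "/home/alice/Dropbox/report_v1.docx",
                  "/home/alice/Dropbox/report_v2.docx"),
        # the canary is rewritten: alert immediately
        FileEvent(100.0, "write", "/home/alice/Dropbox/.~canary.docx"),
    ]
    # 25 documents renamed to *.docx.locked, one per second
    for i in range(25):
        evs.append(FileEvent(101.0 + i, "rename",
                             f"/home/alice/Dropbox/invoice_{i}.docx",
                             f"/home/alice/Dropbox/invoice_{i}.docx.locked"))
    return evs


if __name__ == "__main__":
    for name, ts in detect_ransomware(sample_events()):
        print(f"{ts:8.1f}  {name}")
```

In a real deployment the events would come from the operating system's file-change notification or audit facility rather than from a list, and the alert would pause the sync client or isolate the host. The thresholds are deliberately conservative; a legitimate bulk rename can trigger the second signal, which is why the canary check is paired with it.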

Next-generation Techniques and Tools for Avoidance

Cyber actors direct their efforts toward avoiding detection by whatever tools are deployed to keep information safe. Three major next-generation techniques they use to that end are malware quality assurance (QA) testing, packers, and Pretty Good Malware Protection (PGMP). Malware QA testing targets the two main detection components, antivirus and intrusion detection systems (IDS). Most companies install antivirus software to detect malware, and antivirus has established itself in the market as the standard tool for protecting information. Malware developers seize on this: vendor-provided online malware scanners give an instant verdict on a sample, so a developer can submit a sample, see whether it is detected, and revise it until it is not.

Submitting to several online scanners at once also shows which vendors currently detect a sample, and time is a major factor in this procedure. Testing samples through direct connections to online scanners carries disadvantages for the criminal as well: there is a high probability of attribution, since the service retains the submitted samples and may pass them to antivirus vendors, Law Enforcement (LE) or other national government entities. VirusTotal is one such multi-engine service; besides files it accepts URLs for scanning, and it can report whether a URL has previously been used to deliver malicious content.

Tools for testing malware samples locally are also available, an example of which is Kims v2, which works in a similar way to VirSCAN and VirusTotal but against locally installed engines, so nothing is uploaded. Though its interface is written in Spanish, the tool is used in many regions of the world to test against multiple AV engines. That anyone can perform QA on a sample and look up its reputation means cybercriminals can do the same, and a simple Google search provides them with a list of such tools, where to buy them, and directions for use.


Packers constitute an equally important next-generation avoidance tool. They hide malware and bypass antivirus by compressing or obfuscating the executable so that signatures written for the original code no longer match, and they make reverse engineering considerably harder, though not impossible. Other packers add an encryption layer, a variant commonly used to deliver exploits (Ollmann, 2009). Packers also have a legitimate purpose, keeping a company's own code safe from reverse engineering, and ASPack is a widely used example.

Another common packer, UPX, leaves recognisable artifacts inside the packed file, which many antivirus engines key on, so these instruments are not foolproof for the attacker. Cybercriminals nevertheless still use them to mask their code. Fortunately, packers of this kind tend to leave such trace artifacts behind, and detection engines can pick up these traces.
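As an added example, not code from the paper, the Python script below shows the kind of trace artifacts just described. It walks the PE header to the section table and flags three indicators: section names that well-known packers write (UPX0/UPX1 for UPX, .aspack/.adata for ASPack; this mapping is an assumption for the example), sections that have no raw data on disk but a large virtual size (the space a stub unpacks into), and sections whose byte entropy is close to the 8 bits/byte of compressed or encrypted data. The build_sample_pe helper constructs a minimal, non-loadable PE image in memory so the script runs offline; the threshold is an assumed value.

```python
import math
import struct

# Section names typically written by well-known packers (assumed list).
KNOWN_PACKER_SECTIONS = {
    b"UPX0": "UPX",
    b"UPX1": "UPX",
    b"UPX2": "UPX",
    b".aspack": "ASPack",
    b".adata": "ASPack",
}

ENTROPY_THRESHOLD = 7.0   # bits per byte; assumed cut-off, compressed data sits near 8.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty or constant input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes):
    """Follow DOS header -> PE signature -> COFF header -> section table.
    Returns a list of (name, virtual_size, raw_size, entropy_of_raw_data)."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", pe, coff + 2)
    (size_of_optional,) = struct.unpack_from("<H", pe, coff + 16)
    table = coff + 20 + size_of_optional          # COFF header is 20 bytes
    sections = []
    for i in range(num_sections):
        off = table + i * 40                       # IMAGE_SECTION_HEADER is 40 bytes
        name = pe[off:off + 8].rstrip(b"\0")
        vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", pe, off + 8)
        raw = pe[raw_ptr:raw_ptr + raw_size]
        sections.append((name, vsize, raw_size, shannon_entropy(raw)))
    return sections


def packer_indicators(pe: bytes):
    """Return human-readable indicators that the PE image was packed."""
    findings = []
    for name, vsize, raw_size, ent in parse_sections(pe):
        label = name.decode("ascii", "replace")
        if name in KNOWN_PACKER_SECTIONS:
            findings.append(f"section {label}: known {KNOWN_PACKER_SECTIONS[name]} section name")
        if raw_size == 0 and vsize > 0:
            findings.append(f"section {label}: no raw data but {vsize:#x} bytes virtual (unpack target)")
        if ent > ENTROPY_THRESHOLD:
            findings.append(f"section {label}: entropy {ent:.2f} bits/byte (compressed or encrypted)")
    return findings


def build_sample_pe(sections):
    """Construct a minimal PE image for testing. `sections` is a list of
    (name, raw_bytes, virtual_size). The result is not loadable; it only has
    enough header structure for parse_sections()."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0 here), Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x102)
    raw_ptr = e_lfanew + 4 + len(coff) + 40 * len(sections)
    headers, body = b"", b""
    for name, data, vsize in sections:
        ptr = raw_ptr if data else 0
        headers += (name.ljust(8, b"\0")
                    + struct.pack("<IIII", vsize, 0x1000, len(data), ptr)
                    + b"\0" * 16)
        raw_ptr += len(data)
        body += data
    return dos + b"PE\0\0" + coff + headers + body


if __name__ == "__main__":
    # Constructed UPX-style layout: empty UPX0, high-entropy UPX1, plain .rsrc
    packed = build_sample_pe([
        (b"UPX0", b"", 0x8000),
        (b"UPX1", bytes(range(256)) * 8, 0x3000),   # uniform bytes: entropy 8.0
        (b".rsrc", b"\0" * 256, 256),
    ])
    for line in packer_indicators(packed):
        print(line)
```

To inspect a real file, call packer_indicators(open(path, "rb").read()). The name-based check is trivially defeated by renaming sections, which is why the empty-section and entropy checks are included; they describe what a packed image has to look like rather than what a particular packer happens to call its sections.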

Thirdly, Pretty Good Malware Protection (PGMP) is the third avoidance technique. The public lacks access to this tool, which has given packing a new meaning. It lets a user take a known malware sample that antivirus engines are highly likely to detect, repack it with very strong encryption, and obtain a binary that static signature scanning has nothing left to match against. Once the encrypted code executes on the endpoint, it decrypts itself in memory and begins running. The sophistication of PGMP lies in this added layer of obfuscation, which defeats signature-based detection and leaves only runtime behaviour for defenders to observe.

Next-Generation Techniques for Detection, Identification, and Analysis Relating to Cybercrime and Espionage

Keeping next-generation threats and attacks at bay demands more than antivirus software, intrusion detection systems (IDS), and a traditional firewall. These tools have a proven record of past performance, and most companies still rely on them to secure information. However, in this day and age cybercriminals can exfiltrate information from outside an organization, and these controls will often only notify you of malware on your network after the cyber actors have already succeeded in taking the data.

Three established controls that need a next-generation rethink are legacy firewalls, antivirus software, and Intrusion Detection Systems (IDS). Although almost all companies employ legacy firewalls as a protective tool, the truth is that they are of limited use in the modern set-up, because they have not been upgraded to confront the attacks of the 21st century (Pirc, 2009). At the same time, the demand for antivirus in securing data keeps increasing and will not fade away any time soon, yet the capability of some AV vendors to keep up with the large volume of malware generated every day is simply too small. Companies need to incorporate other techniques, for instance IP and URL reputation filtering, in safeguarding their data (Espiner, 2010).

Regarding Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), the nature of a company's operations determines its level of information security risk. A common deployment is roughly 60 percent IPS and 40 percent IDS. Whereas an IPS both alerts on and blocks malicious traffic, an IDS only alerts on it. Today's IDS is no longer merely a mitigating control adopted to maintain PCI DSS compliance; it has become a basic need of information security (Roehm, 2010). It is therefore a grave matter when companies run this technology in detection-only mode, since the malicious traffic keeps flowing and their exposure to information threats increases.

In conclusion, this paper has explained various challenges of securing information, such as insider threats. It has identified the next-generation methods and tools used for avoidance, and it has explored the next-generation techniques for detection, identification, and analysis relating to cybercrime and espionage. Although protecting company information is a difficult undertaking, developments in next-generation techniques provide a platform through which the challenges of cybercrime and espionage can be tackled effectively.


References

Espiner, T. (2010). Teenagers accused of running cybercrime ring. ZDNet UK. Retrieved February 18, 2016.

Knapp, K. J., Marshall, T. E., Rainer Jr, R. K., & Morrow, D. W. (2006). The top information security issues facing organizations: What can the government do to help? Network Security, 1, 327.

Ollmann, G. (2009). Want to rent an 80–120k DDoS botnet? The Day Before Zero. Retrieved February 18, 2016.

Pirc, J. (2009). Common network security misconceptions: Firewalls exposed. SANS Technology Institute, Security Laboratory. Retrieved February 18, 2016.

Roehm, E. (2010). Meta network: Improving medical statistics. Retrieved February 18, 2016.
