Cybercriminals typically prefer to use malware they can buy on the black market, rather than produce their own unique software, according to a Websense threat report . In fact, most hackers prefer the cheapest, most efficient software they can find for creating data breaches. In other words, creating advanced malware such as Stuxnet from scratch is a relatively rare occurrence.
According to Charles Renert, vice president of Websense Security labs, the number of hackers who purchase exploit kits rather than build their own malware is about 1,000 to 1. Having said that, most of the kits that are utilized by hackers get further modified so that they will continue to work despite fixes to security breaches.
The strategy that most hackers are now employing when buying hacking tools is akin to that used by a business driven by profit and risk management. It is less expensive for hackers to buy readily made hacking software, change it slightly and employ it on a vast array of targets. The easiest places to hack will be hacked, and those that are not as easy to hack will be considered too difficult to bother with.
"Our contention is there's not a lot of new stuff being invented," Renert said. "They use the stuff that's cheapest to create for the highest value, and that is slight incremental improvements [in their attacks]. They are having a tremendous deal of success."
Hacking is a Business
Hacking has become a geographically diverse enterprise that often has ties with organized crimes and nation states, according to security expert Lillian Ablon .
Hacking on a large scale can be more profitable than the drug trade, .
Most Hackers are Driven by the Bottom Line
Hackers would rather use easy exploits than try to hack something that has been called "unhackable." For example, rather than getting past the latest iteration of some complex security system, hackers would rather just break into a computer by using Java exploits. According to Dark Reading, Java continues to be riddled with security holes and most people don't keep it up to date.
Additionally, hackers still tend to employ Trojans. Typically, they will hack a legitimate website and add a malicious link. This happens in 85 percent of cases involving malicious links. In contrast, only 30 percent of malware utilizes custom encryption, according to the Websense report.
Instead, according to RAND, hackers are focusing more on being as covert as possible, moving to darknets and increasing their anonymity.