6 ways cybercriminals use commercial infrastructure

Whether through fraud or legitimate purchase, cybercriminals increasingly depend on mainstream services to support their activities.

When it comes to cybercriminal infrastructure, the dark web gets the glory with its secret criminal marketplaces, illegal money laundering services and botnets as a service. Criminals also get a lot of what they need from legitimate commercial infrastructure providers.

It's not just because mainstream vendors are more reliable than people who break the law for a living. Using commercial infrastructure is also a way for cyber attackers to avoid detection and seem legit while they go about their criminal business. Here are some of the ways that criminals are using -- and abusing -- law-abiding technology infrastructure companies and service providers.

1. Stolen or legitimately purchased cloud services

Criminals can use legitimate payment methods to pay for cloud services, when they're putting them to use in ways that are not too obviously illegal.

In some cases, providers will also accept bitcoin or other anonymized payments. In other cases, there may be resellers, legitimate companies that buy services from the major cloud providers then resell them at a markup to anonymous buyers. "It's quite simple, actually," says Bryan Becker, security researcher at WhiteHat Security. "I did it with a large cloud hosting provider. You go to a website, and it looks and feels real, and you purchase the service and get access immediately. They're a legitimate reseller, but their whole business model is that you can buy hosting using bitcoin and other cryptocurrencies."

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!