All businesses evolve and adapt to their environments. Businesses in the Dark Web are no exception. In the burgeoning and nearly unpoliceable business climate that is the Dark Web, it's only natural that businesses should become more "professional" — both in their revenue models and in their practices. We saw this happen in 2019 and expect even greater movement in this direction in 2020.
The "Servitization" of the Dark WebMaking money from stolen personal credentials via the Dark Web is pretty much de rigueur for would-be cybercriminals. Yet in the past, this process involved significant effort for the cybercriminal-to-be.
First, criminals needed to code or acquire a Trojan to use for infecting online banking portals or payment systems. Then they'd have to disseminate their malware and infect targets. Following the infection, they'd need to access all infected machines, harvest relevant data, and process it. Only then could they begin cashing out — selling stolen credentials or data via the Dark Web.
This process is now becoming astoundingly less complex — and infinitely more dangerous.
Servitization is the process of shifting from selling products to selling services that provide the outcomes those products deliver. This shift has transformed many above-board business models, and this same process will continue to spread across criminal networks this year and beyond. Today's cybercriminals are already buying and selling services rather than goods in the cybercrime financial ecosystem — and this trend will accelerate.
This means that threat actors no longer need to suffer the complexities of development, infection, extraction, and monetization on their own. Rather, they can use branded cybercriminal
