Trend Micro Report: Bigger Criminal Groups Operating Like Corporations

A new Trend Micro report shows how cybercriminal groups start behaving like corporations as they grow, with wages making up the highest percentage of their operating expenses.

In the report, Trend Micro outlines three types of organizations based on size. It used examples where it collected the most data from law enforcement and insider information.

Jon Clay, Trend Micro‘s vice president of threat intelligence, said the criminal underground is rapidly professionalizing, with groups beginning to mimic legitimate businesses that grow in complexity as their membership and revenue increases.

Trend Micro’s Jon Clay

“However, larger cyber crime organizations can be harder to manage and have more ‘office politics,’ poor performers and trust issues,” he said. “This report highlights to investigators the importance of understanding the size of the criminal entities they’re dealing with.”

A typical large organization allocates 80% of its operating expenses to wages. The figure is similarly high (78%) for small criminal organizations, according to the report.

Other common expenses include infrastructure (servers/routers/VPNs), virtual machines and software.

In addition, a new Bitdefender report shows cybersecurity professionals are often told to keep breaches confidential. The report is based on an independent survey and analysis of over 400 IT and security professionals. They ranged from manager to CISO. In addition, they work in companies with 1,000 or more employees in geographical regions including France, Germany, Italy, Spain, the United Kingdom and the United States.

See our slideshow above for more from the Trend Micro and Bitdefender reports.