How Cybercrime-as-a-Service Is Growing the Black Market

Most likely, you’re familiar with terms such as “software-as-a-service” (SaaS), “security-as-a-service” (SECaaS), “platform-as-a-service” (PaaS) and other anything-as-a-service (XaaS) concepts. According to Search Cloud Computing, XaaS recognizes the vast number of products, tools, and technologies that vendors now deliver to users as a service over a network—typically the internet. One you may not be familiar with though, is cybercrime-as-a-service (CaaS).

Similar to its counterparts, cybercrime-as-a-service addresses the array of cyberattack techniques, products, tools, and technologies threat actors use to carry out their attacks. These are then packaged together and offered to other hackers as—you guessed it—a service.

This blog will not only take a look at what cybercriminals are doing to further their own agendas, but also how they’re helping other hackers do the same with almost little to no technical skills required.

The ROI of Cybercrime

In our second annual Black Market Report, our Threat Resistance Unit (TRU) research team shares findings from the Dark Web and how cybercriminals are thriving in an underground economy that operates just like a legitimate marketplace. In fact, according to research by Dr. Michael McGuire in 2018, illicit and illegal online markets are now the most lucrative cybercriminal form of revenue generation, bringing in an estimated $860 billion annually.

Similar to any other business, the black market is run by supply and demand, and is filled with goods and services available for sale. Chief among the available offerings are cybercrime-as-a-service items:

Looking for an easy way to carry out a Distributed Denial of Service attack? That’ll be $60 per hour, $280 per day or $2,000 per month.

Want to spam 50,000 email addresses at the click of a button? $60.95, please.

Need a few more “likes” and “followers” on social media? You can get that for as cheap as $10-$20.

These examples only scratch the surface of what’s available to hackers who may not have the technical know-how to carry out a large-scale attack.

With the proliferation of cybercrime-as-service, there’s almost no longer a need for most cybercriminals to know how to code an attack in order to carry out their nefarious plans—they can simply buy it ready to go. Not only is it easier to purchase a pre-packaged service, but the return on investment can pay off for both parties.  As noted in Dr. McGuire’s report, “The Web of Profit,” individual hackers can earn anywhere from $3,500 to $166,000 or more per month. Meanwhile, cybercrime-as-a-service offerings bring in $1.6 billion in revenue per year.

Staying ahead of a Hacker’s Game

The underground digital shelves are filled with a constantly evolving product offering of criminal tools and services. Stolen credit card data, skimmers, money laundering services, corporate and personal documents—even cold, hard cash—are now common staples of the black market economy.

As cyberattacks continue to make headlines and prove to be lucrative business models for hackers, the goods and services also continue to be readily, and perhaps more easily, available on the Dark Web. After all, the end game in any business is to make a profit. However, this also puts a bigger target on the backs of individuals and organizations and further heightens the need for continued cybersecurity education, live 24/7/365 monitoring, and strong security postures.

A few tips outlined by our TRU researchers for individuals and organizations to protect themselves include:


  • Avoid clicking on suspicious links or opening email attachments from unknown senders
  • Use anti-malware software
  • Update your software regularly
  • Be careful accessing personal information while using public Wi-Fi
  • Don’t use the same password for multiple websites or services
  • Consider credit and financial account monitoring services to detect suspicious activity


  • Educate employees on how to spot suspicious activity
  • Find, classify, and protect your most sensitive data, particularly information impacted by compliance regulations
  • Deploy patches as quickly as possible to shorten your window of vulnerability
  • Employ data encryption to protect sensitive data in transit and at rest
  • Monitor cloud usage, manage access to cloud services, and secure any data or applications you migrate
  • Use security technologies (firewalls, anti-malware software, intrusion detection and prevention systems, etc.)
  • Implement multi-factor authentication when providing access to your most critical systems
  • Use offline backup storage and ensure it is password protected

There’s no silver bullet to security, and implementing the proper measures can be time-consuming and expensive. However, by not strengthening your own security, the more cyberactivity is perpetuated and hackers are able to line their pockets with cash (or bitcoin).

Hackers will continue to find creative, sophisticated ways to carry out their ill-intended plans in order to make a quick buck. As consumers, organizations, and vendors, it’s our responsibility to ensure we’re making it harder on threat actors to do so.

Click here to download and read the full “2019 Black Market Report: A Look Inside the Dark Web” and learn what other activities and items are available for sale in the underground marketplace.

Resource Center

More security resources at your fingertips.

Practical Content for Security, DevOps, & IT Professionals