14
            Cyber adversaries engage in cyberattacks for the following reasons:
              Monetary gain
              Disruption of supply, communication, and economic infrastructures
              Thrill of the challenge
              Bragging rights in the hacker community
              Seeking revenge on employer (i.e., disgruntled employee)
              Theft of personally identifiable information (PII)
              Disrupt systems by performing denial-of-service attacks
              Threatening national security by weakening a nation’s economy


            Cybercrime economy
            The monetary gain involved can be notable. Some sources estimate that the overall revenue from
            cybercrime is now well over $1.5 trillion annually, making cybercrime a major criminal economy — one that
            rivals, and may come to surpass, more longstanding criminal economies. Indeed, few countries in the world
            can claim a GDP higher than annual cybercrime revenues. As the tools of cybercrime become more
            common and easier to obtain, and the opportunities to profit become more plentiful and lucrative, incidents
                                                                                                      15
            of cybercrime will likely only increase, presenting greater and greater challenges for cybersecurity.

            Depths of the internet
            Cybercrime and other cybersecurity threats are often facilitated by the existence of an area of the internet
            not accessed by average users; below the surface of the internet there is a deeper, darker web.

            The surface web is the web accessed by and available to all internet users. The websites in the surface
            web are indexed by search engines — Google is an example of a search engine — and the user can open
            websites and gain information. The surface web, however, represents only 4% of the internet in use.
            Part of the rest of the 96% area of the internet is the deep web, which is effectively a secret web to which
            normal users do not have access. The deep web consists of a website or any page on the website not
            indexed by search engines. Users can access this page only if they become an authorized user with
            knowledge of the URL, possession of a username and password, and any other necessary credentials. In
            practical use, the deep web is for storage of data, such as personal data (cloud storage), corporate data
                                                                16
            (an organization’s business database), or military data.
            The dark web, the part of the World Wide Web that is only accessible by means of special software, allows
            users and website operators to remain anonymous or untraceable. Sensitive data can be obtained for low
            prices on the dark web, and the data sold on the dark web is typically stolen by the cybercriminals when they
            breach high-profile companies. Cybercriminals sell the following types of data on the dark web:

              Credit card numbers
              Debit card numbers

            14
              See https://ics-cert.us-cert.gov/content/cyber-threat-source-descriptions, accessed June 20, 2019.
            15
              See https://thefintechtimes.com/cybercrime-economy/, accessed July 19, 2019.
            16
              See https://medium.com/@hackersleague/what-is-surface-web-deep-web-and-dark-web-cdbaf71b30d5,
            accessed June 20, 2019.

            © 2019 Association of International Certified Professional Accountants. All rights reserved.    1-23