Why 'living off the land' has become a preferred method of cybercrime