Cyber Criminals Are Catching Up With Nation-state Hackers

Cyber criminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, acording the the US National Security Council’s senior director for cybersecurity policy.

“They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, the US Federal CISO.  speaking at the Security Through Innovation Summit  last week.

“The actual sophistication of the tool … is better with criminals than we saw in the past.”

Speaking at the same event, Steve Grobman, the chief technology officer for McAfee, said that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools.

“One of the things we’re seeing on the business-model side is cyber criminals are starting to use innovative processes like franchises, affiliate groups where a cybercriminal will develop technology and make it available to other cybercriminals,”

Franchising the malware means that criminals can concentrate on improving in other areas, Grobman said. As a result, “what the cybercrime affiliates will do is they will focus on identifying phishing lists, other ways to break into networks to then actually launch the ransomware … instead of having to build effective tools from scratch,” he said. “They can put all of their investment into executing their attack.”

Overall, Schneider said, any improvement in cybercrime technology “makes attribution for us harder.” The tools look more like those of nation-states, he said. 

Attribution has always been tough, of course, but the National Security Agency’s (NSA) David Hogue concurred that it has been increasingly difficult.

“From an attribution standpoint it’s very difficult to determine … if an actor is working at the behest of a foreign government or if they’re doing criminal activity on their own time,”

Hogue, senior technical director of the NSA  Cybersecurity Threat Operations Center told reporters. Criminals still behave differently in certain cases, though, according to Grobman.

“If you’re a nation-state, you’re likely trying to do one very specific … goal and will use whatever mechanism is required in order to do that. So in some ways it often requires less sophistication,” Grobman said.

On the flip side, he said, cyber-criminals “can come up with very sophisticated capabilities” given that “they have the luxury in most cases of a virtually unlimited victim pool” and the” luxury of time.”

CyberScoop:            Image: Nick Youngson

You Might Also Read:

Falling Returns Mean Cyberecriminals Are Turning To Unconventional Methods:

 

« Russia Plans To Monitor Internet Access
Beware Of ‘How To' Guides To The Dark Web »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Fredda Stanza

Fredda Stanza

Fredda Stanza specialize in Information Security and Forensics Consulting.

RU-CERT

RU-CERT

RU-CERT is the CSIRT / CERT team of the Russian Federation.

KayHut

KayHut

KayHut is a young, innovative company engaged in cyber research and security solutions.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

CyberGhost

CyberGhost

CyberGhost is a Virtual Private Network services provider offering secure encrypted access to the internet.

Incognito Forensic Foundation Lab (IFF Lab)

Incognito Forensic Foundation Lab (IFF Lab)

IFF Lab is a premier cyber and digital forensics lab in India that offers forensic services and solutions, cyber security analysis and assessment, IT support, training and consultation.

Estio Training

Estio Training

Estio Training is a specialist digital and IT apprenticeships provider, dedicated to introducing new skills and developing existing talent in businesses across the UK.

Cyemptive Technologies

Cyemptive Technologies

Cyemptive's CyberSlice technology preempts and remove threats before they take hold, in seconds, compared to other’s hours, days, weeks and even months.

Lunio

Lunio

Lunio makes the internet a safer and more reliable place for everyone trying to grow their business by automatically getting rid of fake clicks, traffic, and leads on all ad platforms.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

Sentra

Sentra

Sentra is focused on improving data security practices within the cloud, mitigating the risks of damaging data leaks by providing comprehensive visibility into critical data assets.

EtherAuthority

EtherAuthority

EtherAuthority's engineering team has been helping blockchain businesses to secure their smart contract based assets since 2018.

Elastio

Elastio

Elastio's cloud-native platform safeguards cloud data from the risks posed by ransomware, application failures and storage security vulnerabilities.

Flawnter

Flawnter

Flawnter is a security testing software that finds hidden security and quality flaws in your applications.

Increase Your Skills (IYS)

Increase Your Skills (IYS)

Armed and ready: raise awareness of cyberattacks in your company with the Full-Service Awareness Platform from IYS – fast and effective. We help you develop a robust, sustainable security strategy.

Skylark

Skylark

Skylark is a leading global IT services provider, transforming client’s businesses through innovative and advanced technology solutions.