Cyber Criminals Catch Up With Nation-States

Uploaded on 2018-03-12 in TECHNOLOGY--Hackers, NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW

The trickle-down effect of advanced “military-grade” tools is seeing the gap between cyber-criminal and nation state attack capabilities closing, outpacing many organisations’ defence capabilities

The lines are blurring between statecraft and tradecraft, evolving the cyber threat landscape beyond the defence capabilities of conventional security measures, according to the latest global threat report by security firm CrowdStrike.

In 2017, 39% of all attacks that CrowdStrike observed constituted malware-free intrusions that were not detected by traditional antivirus systems, with the manufacturing, professional services and pharmaceutical industries facing the most malware-free attacks, the report revealed.

CrowdStrike data also indicates that it takes an intruder an average of one hour 58 minutes to begin moving laterally to other systems in the network.

Extortion and weaponisation of data have become mainstream among cyber criminals, the report warned, heavily impacting government and healthcare, among other sectors.

Nation state-linked attacks and targeted ransomware are also on the rise and could be used for geopolitical and even militaristic exploitation purposes, the report said.

Supply chain compromises and crypto fraud and mining will present new attack vectors for both state-sponsored and cyber-criminal actors, the report said.

“We have already seen how cyber criminals can come up with massive, destructive attacks that render organisations inoperable for days or weeks,” said Dmitri Alperovitch, CrowdStrike’s chief technology officer and co-founder.

“Looking ahead, security teams will be under even more pressure to detect, investigate and remediate breaches fast.”

Established and well-resourced cyber operations will continue to innovate, developing new methods of distributing crime-ware and incorporating advanced tactics to infiltrate, disrupt and destroy systems, the report warned.

Adam Meyers, vice-president of intelligence at CrowdStrike, said the lines between nation-state and cyber-crime actors are increasingly blurring, raising the sophistication of threats to a new level.

“Actionable threat intelligence and real-time threat data are crucial in empowering better security and executive decisions,” he said.

Meyers said CrowdStrike’s latest report is aimed at making public and private sector organisations better informed about the tactics, techniques and procedures that attackers are using to enable defenders to allocate the most appropriate defences and resources.

Computer Weekly

You Might Also Read: 

Cyber Criminals Have Access To Weapons Grade Hacking Tools:

Cybercriminals Use Fake Websites:

 

« UK Think Tanks Hacked by Groups in China
The Mysteries Of Crypotocurrencies »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NuHarbor Security

NuHarbor Security

NuHarbor is a leading information security consulting and advisory firm specializing in Information Security, Compliance, and Risk Management.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

IDpendant

IDpendant

IDpendant offers a wide range of services, including authentication technology, client security products, single sign on systems, encryption solutions, card and mobile device management systems.

KayHut

KayHut

KayHut is a young, innovative company engaged in cyber research and security solutions.

Chronicle

Chronicle

Chronicle products combine intelligence about global threats in the wild, threats inside your network, and unique signals about both.

6point6

6point6

6point6 is a technology consultancy with strong expertise in digital transformation, emerging technology and cyber security.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

Ministry of Information and Communications (MIC) - Vietnam

Ministry of Information and Communications (MIC) - Vietnam

The Ministry of Information & Communications of Vietnam is the policy making and regulatory body in the field of information technology and national information and and communication infrastructure.

CleanCloud by SEK

CleanCloud by SEK

CleanCloud by SEK is a CSPM product focused on public cloud data protection and security regulations, with over 400 compliance checks for the market's leading frameworks and regulations.

Quantum Star Technologies

Quantum Star Technologies

Quantum Star Technologies has developed Starpoint to be a next-next-generation solution to cyber security threats. Our mission is to secure the online world through our patented technology.

CyberX9

CyberX9

CyberX9 helps you protect against a wide range of cyber attacks whether you are a business or a high-net worth individual under risk.

Digital Edge

Digital Edge

Digital Edge provides unparalleled Managed Cloud Solutions, as well as superior Information Technology Support Services.

Data Pie Cybersecurity

Data Pie Cybersecurity

The Data Pie Cybersecurity Consulting offers a 360° around protection for your IT security. Security awareness solutions and consulting.

Cynical Technology

Cynical Technology

Cynical Technology is a Nepalese cybersecurity company with expertise in security consulting, auditing, testing and compliance.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

Autobahn Security

Autobahn Security

Autobahn Security is a growing team of 80+ experts from 25+ nationalities, established in 5 countries. We’re working hard to make Autobahn Security the No. 1 solution for improved hacking-resilience.