Cyber Criminals Are Catching Up With Nation-state Hackers

Uploaded on 2019-05-03 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cyber criminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, acording the the US National Security Council’s senior director for cybersecurity policy.

“They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, the US Federal CISO.  speaking at the Security Through Innovation Summit  last week.

“The actual sophistication of the tool … is better with criminals than we saw in the past.”

Speaking at the same event, Steve Grobman, the chief technology officer for McAfee, said that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools.

“One of the things we’re seeing on the business-model side is cyber criminals are starting to use innovative processes like franchises, affiliate groups where a cybercriminal will develop technology and make it available to other cybercriminals,”

Franchising the malware means that criminals can concentrate on improving in other areas, Grobman said. As a result, “what the cybercrime affiliates will do is they will focus on identifying phishing lists, other ways to break into networks to then actually launch the ransomware … instead of having to build effective tools from scratch,” he said. “They can put all of their investment into executing their attack.”

Overall, Schneider said, any improvement in cybercrime technology “makes attribution for us harder.” The tools look more like those of nation-states, he said. 

Attribution has always been tough, of course, but the National Security Agency’s (NSA) David Hogue concurred that it has been increasingly difficult.

“From an attribution standpoint it’s very difficult to determine … if an actor is working at the behest of a foreign government or if they’re doing criminal activity on their own time,”

Hogue, senior technical director of the NSA  Cybersecurity Threat Operations Center told reporters. Criminals still behave differently in certain cases, though, according to Grobman.

“If you’re a nation-state, you’re likely trying to do one very specific … goal and will use whatever mechanism is required in order to do that. So in some ways it often requires less sophistication,” Grobman said.

On the flip side, he said, cyber-criminals “can come up with very sophisticated capabilities” given that “they have the luxury in most cases of a virtually unlimited victim pool” and the” luxury of time.”

CyberScoop:            Image: Nick Youngson

You Might Also Read:

Falling Returns Mean Cyberecriminals Are Turning To Unconventional Methods:

 

« Russia Plans To Monitor Internet Access
Beware Of ‘How To' Guides To The Dark Web »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BruCON

BruCON

Brucon is Belgiums premium security and hacking conference.

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

Digital Management (DMI)

Digital Management (DMI)

DMI is a provider of mobile enterprise, business intelligence and cybersecurity services.

CryptoSec.info

CryptoSec.info

CryptoSec.info is a web resource focused on educating the beginners in the cryptocurrency space on how to properly secure their online assets from hackers and scammers.

US Venture Partners (USVP)

US Venture Partners (USVP)

USVP is a leading Silicon Valley venture capital firm focusing on early-stage start-ups that transform cybersecurity, enterprise software, consumer mobile and e-commerce, and healthcare.

ThreatModeler

ThreatModeler

ThreatModeler is an automated threat modeling solution that fortifies an enterprise’s Software Development Lifecycle by identifying, predicting and defining threats.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Elisity

Elisity

Elisity Cognitive Trust is a new security paradigm that combines Zero Trust Network Access and an AI-enabled Software Defined Perimeter.

CrossCountry Consulting

CrossCountry Consulting

CrossCountry Consulting is a trusted business advisory firm that provides customized finance, accounting, human capital management, risk, operations and technology consulting services.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

443ID

443ID

443ID brings OSINT data to Identity Security professionals on any digital platform.

Corinium Global Intelligence

Corinium Global Intelligence

At Corinium, we have been bringing together the brightest minds in data, AI and info sec since 2013, to innovate at the intersection of technological advancements and critical thinking.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

Canary Technology Solutions (Canary IT)

Canary Technology Solutions (Canary IT)

A Cloud, Cyber Security, Retail Solutions and Managed IT Services provider for over 25 years, we safeguard and revolutionise business through technology and foresight.

Sirar by STC

Sirar by STC

Sirar is an advanced technology and cybersecurity company established by STC, the MENA region’s ICT and digital services provider.