Cyber Criminals Are Catching Up With Nation-state Hackers
Cyber criminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, acording the the US National Security Council’s senior director for cybersecurity policy.
“They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, the US Federal CISO. speaking at the Security Through Innovation Summit last week.
“The actual sophistication of the tool … is better with criminals than we saw in the past.”
Speaking at the same event, Steve Grobman, the chief technology officer for McAfee, said that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools.
“One of the things we’re seeing on the business-model side is cyber criminals are starting to use innovative processes like franchises, affiliate groups where a cybercriminal will develop technology and make it available to other cybercriminals,”
Franchising the malware means that criminals can concentrate on improving in other areas, Grobman said. As a result, “what the cybercrime affiliates will do is they will focus on identifying phishing lists, other ways to break into networks to then actually launch the ransomware … instead of having to build effective tools from scratch,” he said. “They can put all of their investment into executing their attack.”
Overall, Schneider said, any improvement in cybercrime technology “makes attribution for us harder.” The tools look more like those of nation-states, he said.
Attribution has always been tough, of course, but the National Security Agency’s (NSA) David Hogue concurred that it has been increasingly difficult.
“From an attribution standpoint it’s very difficult to determine … if an actor is working at the behest of a foreign government or if they’re doing criminal activity on their own time,”
Hogue, senior technical director of the NSA Cybersecurity Threat Operations Center told reporters. Criminals still behave differently in certain cases, though, according to Grobman.
“If you’re a nation-state, you’re likely trying to do one very specific … goal and will use whatever mechanism is required in order to do that. So in some ways it often requires less sophistication,” Grobman said.
On the flip side, he said, cyber-criminals “can come up with very sophisticated capabilities” given that “they have the luxury in most cases of a virtually unlimited victim pool” and the” luxury of time.”
CyberScoop: Image: Nick Youngson
You Might Also Read:
Falling Returns Mean Cyberecriminals Are Turning To Unconventional Methods: