Cyber Criminals Catch Up With Nation-States

Uploaded on 2018-03-12 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The trickle-down effect of advanced “military-grade” tools is seeing the gap between cyber-criminal and nation state attack capabilities closing, outpacing many organisations’ defence capabilities

The lines are blurring between statecraft and tradecraft, evolving the cyber threat landscape beyond the defence capabilities of conventional security measures, according to the latest global threat report by security firm CrowdStrike.

In 2017, 39% of all attacks that CrowdStrike observed constituted malware-free intrusions that were not detected by traditional antivirus systems, with the manufacturing, professional services and pharmaceutical industries facing the most malware-free attacks, the report revealed.

CrowdStrike data also indicates that it takes an intruder an average of one hour 58 minutes to begin moving laterally to other systems in the network.

Extortion and weaponisation of data have become mainstream among cyber criminals, the report warned, heavily impacting government and healthcare, among other sectors.

Nation state-linked attacks and targeted ransomware are also on the rise and could be used for geopolitical and even militaristic exploitation purposes, the report said.

Supply chain compromises and crypto fraud and mining will present new attack vectors for both state-sponsored and cyber-criminal actors, the report said.

“We have already seen how cyber criminals can come up with massive, destructive attacks that render organisations inoperable for days or weeks,” said Dmitri Alperovitch, CrowdStrike’s chief technology officer and co-founder.

“Looking ahead, security teams will be under even more pressure to detect, investigate and remediate breaches fast.”

Established and well-resourced cyber operations will continue to innovate, developing new methods of distributing crime-ware and incorporating advanced tactics to infiltrate, disrupt and destroy systems, the report warned.

Adam Meyers, vice-president of intelligence at CrowdStrike, said the lines between nation-state and cyber-crime actors are increasingly blurring, raising the sophistication of threats to a new level.

“Actionable threat intelligence and real-time threat data are crucial in empowering better security and executive decisions,” he said.

Meyers said CrowdStrike’s latest report is aimed at making public and private sector organisations better informed about the tactics, techniques and procedures that attackers are using to enable defenders to allocate the most appropriate defences and resources.

Computer Weekly

You Might Also Read: 

Cyber Criminals Have Access To Weapons Grade Hacking Tools:

Cybercriminals Use Fake Websites:

 

« UK Think Tanks Hacked by Groups in China
The Mysteries Of Crypotocurrencies »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BH Consulting

BH Consulting

BH Consulting we are a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

Hotlava Systems

Hotlava Systems

HotLava network adapters enable today's powerful servers and workstations to deliver more productivity by reducing congestion at the network interface.

Synopsys

Synopsys

Synopsys delivers trusted and comprehensive silicon to systems design solutions, from electronic design automation to silicon IP and system verification and validation.

Cigniti Technologies

Cigniti Technologies

Cigniti Technologies provides Independent Software Testing (IST) Services including software security testing.

Heimdal Security

Heimdal Security

Heimdal Security provides proactive protection against cyber threats including ransomware, exploit kits and financial malware.

AlAnsari Technical Solutions (ATS)

AlAnsari Technical Solutions (ATS)

ATS is a Kuwait based company specialised in delivering hardware/software, Virtualisation, IP Telephony / Unified Communication, Networking and professional IT services and solutions.

Sweepatic

Sweepatic

The Sweepatic reconnaissance platform discovers and analyses all internet facing assets and their exposure to risk.

SecuLetter

SecuLetter

SecuLetter is able to detect unknown attacks with hybrid approaches, static and dynamic analysis.

Security Innovation Network (SINET)

Security Innovation Network (SINET)

SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration.

Northcross Group (NCG)

Northcross Group (NCG)

NCG provides services to help organizations meet the challenges of regulatory compliance. Our services include support, consultation, tools and accelerators for all parts of an organization.

Akito

Akito

Akito was set up to become a point of reference in the ICT market for issues related to Security and in particular Cyber Security.

Seedcamp

Seedcamp

Seedcamp identify and invest early in world-class founders attacking large and global markets through disruptive technology in areas including AI, cybersecurity, and Fintech.

Options Technology

Options Technology

Options is a global leader in financial technology, specialising in Capital Markets technology and enterprise-grade solutions.

Techtron Business IT Services

Techtron Business IT Services

TECHTRON has been providing business IT services since 2004. Our focus is on SMBs and we are good at it. Our customers trust us, they love our high levels of service, and they love what we stand for.

Interlock

Interlock

Interlock are building blockchain-based security products that solve legacy web2 security issues - phishing and social engineering.