Cyber Criminals Are Catching Up With Nation-state Hackers

Cyber criminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, according to the US National Security Council’s senior director for cybersecurity policy.

“They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, the US Federal CISO, speaking at the Security Through Innovation Summit last week.

“The actual sophistication of the tool … is better with criminals than we saw in the past.”

Speaking at the same event, Steve Grobman, the chief technology officer for McAfee, said that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools.

“One of the things we’re seeing on the business-model side is cyber criminals are starting to use innovative processes like franchises, affiliate groups where a cybercriminal will develop technology and make it available to other cybercriminals.”

Franchising the malware means that criminals can concentrate on improving in other areas, Grobman said. As a result, “what the cybercrime affiliates will do is they will focus on identifying phishing lists, other ways to break into networks to then actually launch the ransomware … instead of having to build effective tools from scratch,” he said. “They can put all of their investment into executing their attack.”

Overall, Schneider said, any improvement in cybercrime technology “makes attribution for us harder.” The tools look more like those of nation-states, he said. 

Attribution has always been tough, of course, but the National Security Agency’s (NSA) David Hogue concurred that it has been increasingly difficult.

“From an attribution standpoint it’s very difficult to determine … if an actor is working at the behest of a foreign government or if they’re doing criminal activity on their own time,” Hogue, senior technical director of the NSA Cybersecurity Threat Operations Center, told reporters.

Criminals still behave differently in certain cases, though, according to Grobman.

“If you’re a nation-state, you’re likely trying to do one very specific … goal and will use whatever mechanism is required in order to do that. So in some ways it often requires less sophistication,” Grobman said.

On the flip side, he said, cyber-criminals “can come up with very sophisticated capabilities” given that “they have the luxury in most cases of a virtually unlimited victim pool” and the “luxury of time.”

CyberScoop:            Image: Nick Youngson
