Cyber Criminals Are Catching Up With Nation-state Hackers

Cyber criminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, acording the the US National Security Council’s senior director for cybersecurity policy.

“They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, the US Federal CISO.  speaking at the Security Through Innovation Summit  last week.

“The actual sophistication of the tool … is better with criminals than we saw in the past.”

Speaking at the same event, Steve Grobman, the chief technology officer for McAfee, said that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools.

“One of the things we’re seeing on the business-model side is cyber criminals are starting to use innovative processes like franchises, affiliate groups where a cybercriminal will develop technology and make it available to other cybercriminals,”

Franchising the malware means that criminals can concentrate on improving in other areas, Grobman said. As a result, “what the cybercrime affiliates will do is they will focus on identifying phishing lists, other ways to break into networks to then actually launch the ransomware … instead of having to build effective tools from scratch,” he said. “They can put all of their investment into executing their attack.”

Overall, Schneider said, any improvement in cybercrime technology “makes attribution for us harder.” The tools look more like those of nation-states, he said. 

Attribution has always been tough, of course, but the National Security Agency’s (NSA) David Hogue concurred that it has been increasingly difficult.

“From an attribution standpoint it’s very difficult to determine … if an actor is working at the behest of a foreign government or if they’re doing criminal activity on their own time,”

Hogue, senior technical director of the NSA  Cybersecurity Threat Operations Center told reporters. Criminals still behave differently in certain cases, though, according to Grobman.

“If you’re a nation-state, you’re likely trying to do one very specific … goal and will use whatever mechanism is required in order to do that. So in some ways it often requires less sophistication,” Grobman said.

On the flip side, he said, cyber-criminals “can come up with very sophisticated capabilities” given that “they have the luxury in most cases of a virtually unlimited victim pool” and the” luxury of time.”

CyberScoop:            Image: Nick Youngson

You Might Also Read:

Falling Returns Mean Cyberecriminals Are Turning To Unconventional Methods:

 

« Russia Plans To Monitor Internet Access
Beware Of ‘How To' Guides To The Dark Web »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

AMETIC

AMETIC

AMETIC, is the Association of Electronics, Information and Communications Technologies, Telecommunications and Digital Content Companies in Spain.

Sangfor Technologies

Sangfor Technologies

Sangfor is a global leader of IT infrastructure, security solutions, and cloud computing.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Three Wire Systems

Three Wire Systems

Three Wire is a leader in innovative and efficient technology solutions for government agencies and large enterprise corporations.

Aegis Cyber Defense Systems

Aegis Cyber Defense Systems

AEGIS is a powerful cybersecurity tool that can help protect your devices and networks from cyber threats, and increase performance.

Radiant Security

Radiant Security

Radiant Security offers an AI-powered security co-pilot for Security Operations Centers (SOCs). Reinforce your SOC with an AI assistant.

Liberty Technology

Liberty Technology

Liberty Technology has a host of highly trained, certified experts who assist our clients with immediate remote support as well as on-site service.

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.

Strobes Security

Strobes Security

Strobes is among the world’s first cybersecurity platforms specifically designed for end-to-end continuous threat exposure management.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.

Cyberagentur (Cyber Agency)

Cyberagentur (Cyber Agency)

Cyberagentur is the Federal Agency in Germany for innovation in cybersecurity. Our mission is to advance research and groundbreaking innovations in the field of cybersecurity and related technologies.

Dynamic Standards International (DSI)

Dynamic Standards International (DSI)

Dynamic Standards International is a global standards development organization which develops certifiable ‘dynamic standards’ that pace with fast-evolving landscapes.