Five Features Of The Changing Threat Landscape

Uploaded on 2019-09-02 in TECHNOLOGY--Hackers, FREE TO VIEW

Organisations and critical infrastructure are likely experience far more-destructive cyber-attacks, including physical damage perpetrated by highly funded rogue nation states and cyber-criminals looking to disrupt business operations, make money or spy on targets, according to a new report from Accenture
 
Cybercrime campaigns and high-profile advanced persistent threat groups are shifting how they target victims and focusing more on intricate relationships with “secure syndicate” partnerships to disguise activity, according to Accenture's 2019 Cyber Threatscape Report.
 
The Accenture Security iDefense Threat Intelligence Services team has observed a distinct and dangerous shift in threat actor TTPs during the past 12 months. Threat actors are pivoting their operations strategically, operationally and tactically, and in doing so they are testing the resilience of organisations who are doing their best to keep up. 
 
The report has discovered five factors that are influencing the cyber threat landscape:
 
1. Compromising geopolitics:
New threats emerge from disinformation and technology evolution Global businesses may find themselves in the crosshairs as geopolitical tensions persist. As cyber-threat actors take advantage of high-profile global events and seek to influence mass opinion, these actors will not only sustain current levels of activity but also to take advantage of new capabilities as new technologies enable more-sophisticated threat TTPs.
 
2. Cybercriminals adapt, hustle, diversify and are looking more like states.
Despite high-profile law enforcement actions against criminal communities and syndicates in 2018, the ability of threat actors to remain operational highlights the significant increase in the maturity and resilience of criminal networks in 2019. Analysis indicates conventional cybercrime and financially-motivated, targeted attacks will continue to pose a significant threat for individual Internet users and businesses. 
 
However, criminal operations will likely continue to shift their tactics to reduce risks of detection and disruptions. They could also attempt to maximise the return on effort in several ways such as: shifting away from partnerships to operating within close-knit syndicates; taking advantage of familiarity with the local environment; increasing the precision of targeting by using legitimate documents to identify likely victims before delivering malware; or selling and buying direct access to networks for ransomware delivery rather than carrying out advanced intrusions.
 
3. Hybrid motives pose new dangers in ransomware defense and response.
The ransomware threat will be exacerbated further by the sale of access to corporate networks, through which an attacker can deploy ransomware on a corporate-wide scale, and the potential of ransomware with self-propagating abilities (such as WannaCry) to reemerge could pose a significant threat to businesses, particularly those with time-critical operations. 
 
While the motives behind such an attack may appear to be financial, targeted ransomware attacks may at times serve hybrid motives, whether financial, ideological, or political. Regardless of motive, while the ransomware threat remains, organisations must ensure they take adequate measures to prepare, prevent, detect, respond, and contain a corporation-wide ransomware attack. 
 
4. Improved ecosystem hygiene is pushing threats to the supply chain, turning friends into frenemies.
The global interconnectedness of business, the wider adoption of traditional industry Cyberthreat countermeasures and improvements to basic cybersecurity hygiene appear to be pushing Cyberthreat actors to seek new avenues to compromise organisations, such as targeting their supply chains, including those for software, hardware and the cloud.
 
5. Life after meltdown:
Vulnerabilities in compute cloud infrastructure demand costly solutions. The discovery of multiple side-channel vulnerabilities in modern CPUs over the last two years could pose a high risk to organisations running their compute infrastructure in the public cloud. Adversaries can use this class of side-channel vulnerabilities to read sensitive data from other hosts on the same physical server. Mitigations are available for most platforms, cloud deployments, and software. 
 
However, most of the remedies come at a cost of reduced performance, leading to a potential increase of compute costs for enterprises.  The more organisations invest in securing their networks and training their staff on how to safely navigate the digital workplace, the harder and more expensive it becomes for threat actors to disrupt or breach networks. 
 
Security Magazine:               Accenture:
 
You Might Also Read:
 
Five Hi -Tech Ways To Fight Off Cyber Attackers:
 
« Cyber Weapons Could Create Devastation Comparable To A Nuclear Strike
One $Million Stolen Every Minute »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cloud Industry Forum (CIF)

Cloud Industry Forum (CIF)

Cloud Industry Forum is a non-profit industry body that champions and advocates the adoption and use of Cloud-based services by businesses and individuals.

HackCon Norway

HackCon Norway

HackCon is for the people who are interested in technology, psychology, IT and security, and who wants to improve their knowledge within these areas.

National Intelligence Service (NIS) - South Korea

National Intelligence Service (NIS) - South Korea

The NIS oversees policy on cyber security in South Korea by formulating and coordinating the execution of such policy and devising necessary schemes and guidelines.

GitGuardian

GitGuardian

Enable developers, ops, security and compliance professionals to enforce security policies across public and private code, and other data sources as well

Infosec Partners

Infosec Partners

Whether you’re looking for complete managed security or an on-call expert advisor, we offer a range of managed security services to complement your internal team or primary outsource partner.

TROOPERS

TROOPERS

TROOPERS InfoSec event consists of two days of high-end training, followed by a two-day, three-track conference, culminating in Roundtables on the final day.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

Vigilant Technology Solutions

Vigilant Technology Solutions

Vigilant is a global cyber security technology company offering solutions to manage entire IT & cyber security lifecycles.

Wizard Cyber

Wizard Cyber

At Wizard Cyber, we simplify cyber security, delivering an advanced service that protects your high-risk assets from the complex threats that technology alone can miss, 24/7.

Cardonet

Cardonet

Cardonet is an IT Support and IT Services business offering end-to-end IT services, 24x7 IT Support to IT Consultancy, Managed IT and Cyber Security.

LockMagic

LockMagic

Lockmagic is an information asset management solution to protect, track, audit and control accesses to sensitive information inside and outside your organization.

Washington Technology Solutions (WaTech)

Washington Technology Solutions (WaTech)

WaTech operates the state’s core technology infrastructure – the central network and data center, provides strategic direction for cybersecurity and protects state networks from growing cyber threats.

Acumenis

Acumenis

At Acumenis, we help organisations of all sizes to manage information security effectively. Our key services are penetration testing, ISO 27001 implementations, and security

CovertSwarm

CovertSwarm

Since 2020 CovertSwarm have been radically redefining how enterprise security risks are discovered. We outpace the cyber threats faced by our clients using a constant cyber attack methodology.

Token

Token

Token is changing the way our customers secure their organizations by providing passwordless, biometric, multifactor authentication.