Cybercriminals have been working more and more closely together in recent years. In this way, hackers hope, among other things, to hide their identity. Cybercriminals also stack their attacks more often and have updated their techniques.
Cybercriminals and groups are increasingly engaged in targeted intrusions for financial gain, according to Accenture’s Cyber Threatscape Report. Although individuals associated with online underground marketplaces have been arrested in the meantime, activity continues in well-known groups such as the Cobalt Group and FIN7. Accenture analysts have also observed that these groups share tools to automate the process of mass production of malicious documents for malware distribution.
These developments are attributed by Accenture to, among other things, relationships between “safe syndicates”. These groups work closely together and use the same tools. This points to a major change in how cybercriminals work together in the underground economy. Moreover, when syndicates work together, it is more difficult to identify who was behind something.
Shift in chains
Not only are cybercriminals working together, but the way in which they deliver their malware to victims has also changed in the past year. Whereas in the past, malware was mainly spread via phishing emails, analysts now increasingly see that malware is executed via web browsers. In doing so, they focus specifically on online retailers and shops.
Ransomware is also a growing problem for businesses and government infrastructures. The number of ransomware attacks has more than tripled in the last two years. Accenture analysts saw that ransomware was not only delivered through spam campaigns, but was also placed directly on networks by penetrating them.
There are criminals who sell remote desktop procotol access to business networks. They probably got that access from hacked servers and RDP brute forcing.
Finally, disinformation is on the rise, influencing users on social media. The campaigns focus not only on domestic and foreign policy, but also on the financial markets.
The Accenture report states that the potential effect of this is more worrying than the effect on politics. Financial services depend on fast, text-based sources of information. These are likely to be the targets of large-scale disinformation campaigns in the future, says Accenture.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.