Cyber-threat actors and threat groups are continuously networking, researching, and testing out new tactics, techniques, and procedures. They are also always looking for new ways to disrupt operations, make money or spy on their targets. Accenture Security iDefense has identified five key areas that are influencing the cyber threat landscape:
- Iranian threat is a growing force to be reckoned with
- Extended supply chain threats are challenging the ecosystem
- Critical infrastructure is a high-value target for threat actors
- Advanced persistent threats are becoming more financially motivated
- Miner malware is creating a cryptocurrency surge
Five areas influencing the cyber threat landscape
Iranian threat is a growing force to be reckoned with
Iran-based threat actors and threat groups are likely to continue to grow their malicious activities and capabilities in the foreseeable future. Organizations, businesses and governments should proactively build resilience against Iran-based threat actors.
The development and use of ransomware from Iran is likely to continue. The increased repurposing of popular malware by Iran-based threat actors could lead to the use of ransomware for destructive purposes by state-sponsored organizations.
Extended supply chain threats are challenging the ecosystem
Cyber-adversaries have slowly shifted their attack patterns to exploit third- and fourth-party supply chain partner environments to gain entry to target systems, even in verticals with mature cybersecurity standards, frameworks, and regulations.
Organizations operate in a complex and challenging environment. iDefense believes cyber-criminal, espionage and hacktivist groups will continue to target supply chains and the strategic business partners that contribute to them for monetary, strategic and political gain.
Critical infrastructure is a high-value target for threat actors
The oil and gas industry will continue to be an attractive target for threat actors, given the disruption that a cyber incident could inflict on the security and economy of an oil-producing country.
Oil and gas industry organizations need to hire new talent to manage and support emerging technologies and should align IT-OT convergence with IT and OT priorities.
Advanced persistent threats are becoming more financially motivated
Financially motivated cyber criminals are stepping up their game. Groups such as Cobalt Group and FIN7 have been targeting large financial institutions and restaurant chains successfully.
FIN7 continues to innovate, with analysts having observed a new version of the Bateleur malware, version 1.1.0, in April 2018. FIN7 has been less active than in the previous year, but the threat is still present.
Miner malware is creating a cryptocurrency surge
Cyber criminals have grown their use of cryptocurrency miner malware, and this is likely to continue into 2019, with a shift toward malware that mines alternative cryptocurrencies, most notably Monero.
Ransomware continues to be the most prevalent attack vector for extortion operations, with attacks doubling from 2016 to 2017, rising from 13 percent to 27 percent of all reported incidents targeting corporations.