Throughout the history of conflict, gaining access to new tools and technologies has always served to tip the scales and provide a decisive advantage to those who can quickly acquire and operationalize these capabilities. That’s the kind of upgrade that online black markets now provide average cyber criminals. These clandestine marketplaces have made it easier than ever for average cyber criminals to obtain advanced software tools and capabilities that make them much more effective.
The growth of criminal marketplaces and its effect on the cybersecurity threat landscape is one of the disconcerting trends outlined in Accenture Security iDefense’s recent Cyber Threat-scape Report. The report examines cyber threat trends during the first half of 2017 and offers an overview of how they might unfold in the coming months. In addition to the rise of criminal marketplaces for cyberthreat tools, the report examines the strengthening cyber espionage capabilities of national governments and the difficulty in identifying the source of destructive cyber threat activities.
Government cyber espionage capabilities
It’s no surprise that nation-states have cyberthreat capabilities. It’s important, however, to understand that these governments have specific strategic objectives that align to different products, services and intellectual property that many companies produce. That means that any organization in the supply chain ecosystem can be a target when its business or organizational objectives are aligned to a nation- states’ collection priorities. Such businesses need to understand that this threat will not go away, because it’s actually someone’s job to gain and maintain access to their organizations, and to take what they produce.
For example, our report indicates that we expect North Korea and Iran to continue to improve their national levels of cyber threat capabilities. As a result, the world will see a growth in cyber espionage and exploitation and disruption activity from both countries, not only in response to geopolitical triggers — such as economic sanctions and military exercises — but also in continuing service to national strategic goals.
Increasing attribution difficulties
We’ve observed increasing cyber criminal use of deception tactics, including the reappearance of steganography in malware to obfuscate its source. We’ve also seen concealment techniques of command and control (C2) infrastructure using disguises to hide behind layers of more-expendable C2 servers or DGA domains. This, coupled with greater public reporting on cyber threat activities, might accelerate this denial and deception trend, increasing the complexity and cost of cyber defense efforts and resource allocation.
The obfuscation includes Bitcoin, cyber criminals’ preferred method of exchanging currency. In fact, threat actors are taking additional measures to conceal Bitcoin transactions. For example, cyber criminals are either developing and/or leveraging Bitcoin-laundering techniques or adopting alternative crypto currencies.
Front line of defense
The disruptiveness of increasing ransomware and distributed denial of service attacks; the aggressive use of information operations by nation-states; growth in the numbers and diversity of cyber threat actors. Other challenges include the greater availability of exploits, tools, encryption and anonymous payment systems in 2017 pave the way for a rapid growth of cybersecurity challenges across all industry verticals in the coming year. Organizations will have to meet these challenges with equally aggressive defense strategies, including user education and the integration of threat intelligence and risk assessment into business operations across the enterprise. Learn more by downloading the entire Cyber Threat-scape Report.