Ready-made cybercrime is the latest security threat
January 29, 2021
Despite the best efforts of CISOs everywhere, cybercrime is often down to random opportunism. And, although it would make detection far easier, there’s no one-size-fits-all cybercriminal, either.
Some threat actors like to use mass scanning or widespread phishing to target intrusions. They hope to gain a foothold for ongoing espionage or lay the groundwork for a bolder campaign. Others are more precise and subtle. They use clever masquerading and abuse legitimate credentials to break through networks. Then they throw in a bit of ransomware to compromise security further.
As our latest 2020 Cyber Threatscape report reveals, routinely, we find cybercriminals use both masked and noisy cyberattacks to complicate the process of detecting and attributing threat activity. They use off-the-shelf tools and techniques to enhance deniability, effectiveness and ease of-use so that their prolific attacks can continue. And our report shows how they are doing that year after year.
<<< Start >>>
<<< End >>>
Our latest observations are part of five frontline trends that are influencing the cyberthreat landscape. In my earlier blogs I’ve shared two trends so far and suggested ways to tackle them. We’ve looked at COVID and the opportunistic threats from remote working. And we’ve seen how new sophisticated attacks are targeting business continuity. Now, we’re going to take a tour of the cybercriminal’s mind—and what we can do to understand it better.
Here are three things we’ve seen happening in the last year:
Senior decision makers and their security teams need to stay one step ahead. How? Well, prioritizing continuous and bespoke threat intelligence tailored for a specific organizational profile helps. And taking an intelligence-led security approach that identifies mitigations for certain adversaries means you can be quicker to target your response.
It’s really important to understand the commonly used tools and techniques, especially those involving malicious use of native systems and penetration test tools, and make sure they can be detected in your own environment. It means you can start to prepare for ready-made cybercrime long before it threatens you.
Take a look at the full report for more on the latest cybersecurity threats.
A special thanks to the following individuals who also contributed to 2020 Cyber Threatscape Report: Patton Adams, Omar Al-Shahery, Joseph Chmiel, Amy Cunliffe, Molly Day, Oliver Fay, Charlie Gardner, Gian Luca Giuliani, Samuel Goddard, Larry Karl, Paul Mansfield, Hannaire Mekaouar, Mei Nelson, Nellie Ohrand Kathryn Orme.
Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.
The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates.
Copyright © 2021 Accenture. All rights reserved. Accenture, and its logo are trademarks of Accenture.