What is the difference between state support hackers and cybercrime gangs?
By Prempal Singh
Cybersecurity researchers say there’s no longer a distinction between government hackers and progressively complex cyber criminal groups.
Organized cyber crime is now as complex every government-backed hacking group — and businesses are losing slowing both.
Cyber criminal groups are usually more organized than ever. Many of the most complex organization operate as if these were a legitimate internet software company — and they are rivaling the capacities of even the most highly drilled state-sponsored hacking group. The distinction between state-sponsored actors and hacking clique no longer exists.
“While nation-states continue to arranged a high bar for complex cyber attacks, some financial threat actors have captured up to the point where we will no longer see the line separating both, ” warns the new 2017 M-Trends report by cyber security researchers at FireEye.
“Financial attackers have increased their tactics, techniques, and procedures (TTPs) to the point where they may have become difficult to find and, challenging to investigate and remediate inch.
These financial attackers are so focused on their objectives and so skilled and resourced that they are able to build custom backdoors with a “unique configuration for each and every compromised system”, the report warns.
This kind of increases the resilience of cyber attacks and malware, and makes it harder for even the most advanced forensic techniques to trail what has happened when malicious activity is uncovered.
The advanced nature of these cybercriminal tactics means that organization is battling to keep up with the latest hacking risks, with researchers stating how defensive capacities have recently been “slow to evolve and respond”.
Many organizations are “still lacking fundamental security controls and capacities to either prevent breaches or to minimize the damage and consequences of an inevitable compromise”, the record warns.
One of the methods cyber criminal actors are using to infiltrate objectives is phishing emails that have become almost indistinguishable from a real message as attackers customize their e-mails to a specific consumer, location, or employee.
Assailants are even willing to take a hands-on procedure with specific victims to acquire entry to a goal network. The report records instances where hackers have phoned targets in order to help these organization permit macros in a phishing document, to be able to allow malicious payloads to be deployed.
While potential cracking in the recent US election has received much attention, the FireEye record argues that EMEA is particularly susceptible to cyber criminal disturbance. It says Russian-backed cyber criminals may be trying to influence elections throughout the European Union — a claim which NATO has also made.
“In 2016 we saw cyber attacks propagate widely and publicly into areas such as polls and attackers became more sophisticated, ” says Stuart McKenzie, vice president of Mandiant at FireEye. “There is still much to do as attackers only desire a few days to complete their objectives inch.
source: www.zdnet.com