The 2019 Cyber Threat Intelligence Estimate report, conducted by Optiv Security, suggests that both government hackers and Criminals of cyberspace, increasingly claim that they are each other, to try to hide their traces as part of advanced technical attacks.
The top sectors targeted are retail and healthcare companies, as well as government and financial institutions. The Cryptojacking and ransomware are two new additions to the list of threats, along with botnets, Denial-of-Service (DDoS) attacks, the Phishing and malware.
Optiv says cybercriminals and government hackers are learning from each other and becoming more successful. They are also trying to imitate each other by adopting similar techniques in an attempt to confuse security researchers.
Earlier this week, Check Point Software Technologies warned that US government services were vulnerable to a new collection of attack techniques, linked to a Chinese government-backed hacking team. For seven months, hackers were constantly changing the method of their attacks, trying to hide their origin.
Check Point researchers said the hackers had been working hard to create useful information documents in forms related to government documents. US government agencies are particularly vulnerable to this new attack.
Crowdstrike posted one this week report which characterized the Chinese hackers as the most active of any country, and said they had attacked many industries: chemicals, toys, healthcare, hospitality, construction, technology and telecommunications.
The tools and techniques developed by state hackers help cyber criminals earn hundreds of millions in cash and IP. As governments seek backdoors security systems and their security teams develop advanced hacking tools, cybercriminals benefit more from exploiting weak security systems and using the same tools.
One example is the US National Security Agency's EternalBlue hacking tool. which is in the hands of cyber criminals and is used in ransomware attacks in US cities and government agencies.
Government efforts to develop sophisticated attack software, which then leaks into Internet, exacerbates an already dangerous cybersecurity landscape. State security teams do not seem to be developing defensive technologies, which means an ever-growing arsenal of advanced attack technologies that can use, adapt and improve cybercriminals.