Cybercrime campaigns and high-profile developed threat groups change the way victims are targeted and focus more on complex partnerships with 'safe union' partnerships to cover up the activity, according to Threat's latest report of 2019 by Accenture.
A shift to high level exploitation models for cybercrime
The report notes a significant increase in threatening individuals and groups carrying out targeted incursions for financial gain, also referred to as "big game hunting".
Despite arrests of people involved in online underground shopping, activity continued between APT teams - such as the Cobalt group, FIN7 and Contract Crew. Its analysts Accenture Security have also observed the sharing of tools that automate the process of mass production of malicious documents to spread malware software, such as More Eggs, which is used in both conventional crimeware campaigns (malware specifically designed for cybercrime) and targeted attacks.
Ongoing activity is associated with relationships formed between "safe unions" working closely together and using the same tools - pointing to a significant change in the way threat agents work together in the underground economy.
With unions working together, the lines are even more blurry between threat groups, making performance more difficult.
In addition, Accenture Security analysts have observed a shift in the way the Cobalt group aims to provide victims with access to the victim's supply chain networks.
While the malicious programs are usually sent to its users Internet via phishing emails, analysts are now seeing malware running through web browsers and focusing on targeting specific merchants and retailers.
The global misinformation battlefield
The report also finds evidence of continuing the battlefield of global misinformation affecting users of SOCIAL MEDIA and warns that threat factors are becoming increasingly specialized in exploiting legitimate tools.
While the campaigns misinformation to influence both domestic and foreign political sentiment and national elections continue, the wider potential impact of misinformation on global financial markets is all the more important.
The financial services industry - and more specifically high-frequency trading algorithms, which rely on fast, text-based information sources - is likely to be targeted in the future in large-scale repayment efforts.
Increase in ransomware: network access for sale
In addition, ransomware is increasingly plaguing them businesses And the government infrastructure, with the number of attacks ransomware have tripled in the last two years.
In addition to junk mail delivery, analysts have been monitoring Nikolay and GandCrab threat groups planting ransomware directly on networks through access intrusions into network.
Actors Offer to Sell Remote Desktop Protocol (RDP) to Corporate networks, which they have probably acquired through the compromises servers and RDP, to those in underground communities.
About Accenture's report on Accenture's threat environment
Taking advantage of Accenture's threat-security integrity capabilities and researching primary and secondary open source materials, the annual report provides information and forecasts on the cybersecurity landscape and how it will change in the coming year.
The goal is to help them organizations stay ahead of threats to their organization, industry and geography.