APTs are targeting more cybercrime

Cybercrime campaigns and high-profile developed threat groups change the way victims are targeted and focus more on complex partnerships with 'safe union' partnerships to cover up the activity, according to Threat's latest report of 2019 by Accenture.

A shift to high level exploitation models for cybercrime

The report notes a significant increase in threat actors and teams making targeted invasions for financial gain, also referred to as "big game hunting".

Despite the arrests of people associated with online underground markets, activity continued between APT groups - such as the Cobalt group, FIN7 and Contract Crew. Her analysts Accenture Security have also observed the sharing of tools that automate the process of mass production of malicious documents to spread malware software, such as More Eggs, which is used in both conventional crimeware campaigns (malware specifically designed for cybercrime) and targeted attacks.

Ongoing activity is linked to relationships formed between "secure unions" that work closely together and use the same tools - pointing to a significant change in the way threat actors work in the underground economy.

With unions working together, the lines are even more blurry between threat groups, making performance more difficult.

In addition, Accenture Security analysts have observed a shift in the way the Cobalt group aims to provide victims with access to the victim's supply chain networks.

While the malicious programs are usually sent to its users Internet via phishing emails, analysts are now seeing malware running through web browsers and focusing on targeting specific merchants and retailers.

The global misinformation battlefield

The report also finds evidence of continuing the battlefield of global misinformation affecting users of social media and warns that threat factors are becoming increasingly specialized in exploiting legitimate tools.

While the campaigns misinformation to influence both domestic and foreign political sentiment and national elections continue, the wider potential impact of misinformation on global financial markets is all the more important.

The financial services industry - in particular high-frequency trading algorithms, which rely on text-based fast sources of information - are likely to be targeted in the future for large-scale repayment efforts.

Increase in ransomware: network access for sale

In addition, ransomware is increasingly plaguing them businesses And the government infrastructure, with the number of attacks ransomware have tripled in the last two years.

In addition to junk mail delivery, analysts have been monitoring Nikolay and GandCrab threat groups planting ransomware directly on networks through access intrusions into network.

Actors Offer to Sell Remote Desktop Protocol (RDP) to Corporate networks, which they have probably acquired through the compromises servers and RDP, to those in underground communities.

About Accenture's report on Accenture's threat environment

Taking advantage of Accenture's threat-security integrity capabilities and researching primary and secondary open source materials, the annual report provides information and forecasts on the cybersecurity landscape and how it will change in the coming year.

The goal is to help them organizations stay ahead of threats to their organization, industry and geography.