Friday, January 22, 00:18
Home security Why do government hackers focus more on stealing credentials?

Why do government hackers focus more on stealing credentials?

Over the years, more and more advanced cyber threats appear. Many times state hackers do cyber attacks, with the ultimate goal of gaining their countries. But where do they focus more on their attacks? Now, government hackers are focusing more on stealing credentials than stealing money. But why is this happening?

Speaking to Virtual Update, Jens Monrad, head of MandE Threat Intelligence EMEA at FireEye, focused on attacks by Russia, Iran and China, as well as in the various activities of these countries. Monrad said the attacks were easy because of the user's common digital fingerprint, which could allow an attacker to snatch items related to the victim and use them in a script. social engineering.

stealing credentials

He also explained how the detection malware by FireEye focuses on stealing credentials and stealing information, no matter what the motive for an attack - if one can steal or buy stolen credentials - it will make "less noise" in the business. Credentials can vary - from anything that requires a username and password access, up to databases or access to in cloud environments.

Monrad also pointed out that from the perspective of cybercrime or even as part of the nation-state campaign, the purchase of these credentials can enable one to quietly invade a system. If it is a cybercriminal who develops ransomware after a breach, this will ensure the success of his invasions.

This is why Mandiant focuses on stealing credentials, as it considers it a challenge for organizations to control their credentials, track stolen credentials and ensure that they use the best password guidance and enforcement. MFA.

stealing credentials

Asked if the company's investigation had taken into account countries directly targeting money laundering during their cyber-attacks, such as North Korea, Monrad acknowledged that where North Korea was involved, the goal was direct monetary gain.

He added that there are still purely "financial attacks", while more typical cyber attacks are carried out, in which the attacker tries to earn large sums of money, but the biggest game with the theft of credentials is now common, and from the perspective of cybercrime, The value of money laundering attacks is declining as cybercriminals gain more by selling access to desktop, rather than aiming at direct theft of money.

Finally, Monrad said that this shift in focus from money laundering to credentials theft is largely observed, with the exception of North Korea, noting that hackers are more interested in interacting with banking systems and mechanisms. and specifically with the system SWIFT, for example.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Pohackontas
Pohackontashttps://www.secnews.gr
Every accomplishment starts with the decision to try.

LIVE NEWS

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...
00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...