State Attackers Moving from Stealing Data to Social Meddling
The new cyber intelligence report expects the monetary benefits will allure the use of crypto-mining malware and cryptocurrencies by cyber attackers this year. The cyber state attacker force is growing at an alarming rate.
New bad actors. Few unexpected nation states are rising in the ranks of sponsored attackers, including spying on thousands of people across 20 countries via an Android malware campaign, and another one infiltrated Russia’s Cozy Bear liar and uncovered the hack of DNC during the 2016 elections.
Cyber-social. State-sponsored attacks are expanding from cyber-physical (compromise data or critical infrastructure), to cyber-social (influence the opinions and actions of people). Russian cyber-social attackers have set the template for nation states and hack-activists.
Critical infrastructure. The utilities and energy industries experienced high indicators of attack activity, suggests that attackers have access to critical infrastructure and are waiting to exploit this access.
Healthcare IoT. The healthcare IoT is problematic due to the increase in networked medical devices. The damage potential is high if those devices are compromised.
Phishing. Email phishing remains the top malware delivery mechanism. While modern email security solutions can detect and stop emails with malicious attachments, they are still largely ineffective in detecting hyperlinks to malicious websites.
State actors tend to zero in on government agencies or utilities and energy targets. They look to steal credit card numbers from financial services & insurance companies or install malware on the critical systems used by healthcare companies.
End users continue to be the best line of defense. Training and knowledge sharing is key.
Sources: MSSP research and Cyber-threat Intelligence report