Threats to the cyber domain, in line with the recent WannaCry and NotPetya malware attacks, are anticipated to grow over the next six months as state-sponsored and rogue actors continue expanding their capabilities to disrupt businesses and undermine governmental institutions with increasingly accessible tools, according to a report by Accenture Security’s iDefense unit released Tuesday.
The 2017 Cyber Threatscape Report examines cyber trends from the first half of 2017 and collected data to predict an increase in the number of adversarial denial and cyber disruption attacks, a growth in the use of information operations tactics by nation-states and a wider breadth of encryption and cyber exploitation tools available for hacking. Through the rest of this year, iDefense anticipates different types of ransomware to be used to target non-Windows platforms, such as Linux and OSX, as well as mobile platforms like iOS and Android.
“The first six months of 2017 have seen an evolution of ransomware producing more viral variants unleashed by potential state-sponsored actors and cybercriminals. Our findings confirm that a new bar has been set for cyber security teams across all industries to defend their assets in the coming months,” Accenture Security Managing Director Josh Ray said in a statement. “While the occurrence of new cyber attack methods is not going away, there are immediate actions companies can take to better protect themselves against malicious ransomware and reduce the impact of security breaches”
Accenture Security is part of the global consulting and services firm Accenture [ACN].
Malicious cyber actors are developing intricate reverse deception tactics and more sophisticated phishing campaigns to gain access to secure information, according to the report. Growing trends include the use of anti-analysis code and expendable command-and-control servers to gain access to classified data. Meanwhile, ransomware has overtaken banking trojans, included as seemingly innocuous phishing links contained in emails, as the the preeminent means of gaining access into government and civilian systems, as seen in the recent WannaCry attack.
“The WannaCry and Petya malware outbreaks wreaked havoc against worldwide businesses, governments, and non-profit institutions in mid-2017, using Windows exploits leaked to the public by the hacking group SHADOW BROKERS, widely reported as stolen from government entities,” iDefense writes in its report. “These leaks, which exposed numerous zero-day vulnerabilities, created multiple worst-case network defense scenarios. Although governments are trying hard to avoid future leaks, Accenture Security iDefense anticipates that more exploit arsenals will be exposed in the coming years.”
For businesses moving forward, iDefense suggests installing proactive protection methods to help employees recognize phishing scams, considering moving to a cloud-based e-mail analytics solution, regularly patching operating systems and adopting cyber resilience plans to reduce the level of insider threats.
In terms of foreign adversarial threats, both North Korea and Iran are expected to continue improving their cyber threat capabilities while focusing on greater disruption activity over the next few months, according to the report. Iran’s efforts are based in infiltrating critical infrastructure such as financial and energy institutions, while North Korea remains focused on gaining access to foreign intellectual property and exploiting vulnerabilities in government systems. iDefense also predicts both China and Russia to remain committed to cyber espionage efforts in order to establish superiority over the domain.
This latest report comes five days after the Department of Justice announced its most significant take-down of a dark web marketplace used for the illicit sales of drugs and arms.
At a July 20 press conference, Attorney General Jeff Sessions announced his department, along with the help of international partners, shut down Alpha Bay where criminals could anonymously purchase weapons on the online black market.
“Today, the Department of Justice announced the takedown of a dark web market, Alpha Bay. This is the largest takedown in world history,” Sessions said at the press conference. “Alpha Bay staff members claim this group serves to more than 40,000 illegal vendors, people who sell illegal products for more than 200,000 customers.”
A RAND Europe report released July 20 detailed how the dark web aids the proliferation of cyber criminals by fueling the illegal trade of weapons.
According to the report, the U.S. remains the most common source country for arms that end up on the dark web. Nearly 60 percent of all firearms for sale on the illegal marketplace originated in the U.S.