• Among Findings : Underground Economy Thriving with Sales of “As a Service” Threat Kits for Less Sophisticated Threat Actors
TEL AVIV, Israel, Jan. 15, 2020 : CyberInt, a leading provider of threat intelligence-led detection and response solutions for digital consumer businesses, has released CiPulse 2020, its Annual Threat Landscape Report. It reveals the growing eCrime economy, the increasing prevalence of attacks in the financial services, retail, and government sectors, and in-depth analyses of adversarial tactics, techniques, and procedures (TTPs) used against the different regions and industries.
Key findings include:
- The Financial industry is the most targeted industry worldwide, accounting for more than one third of all targeted attacks
- The Retail industry is the third most targeted worldwide, behind Manufacturing in the Americas and Government targets in APAC and EMEA
- Banking trojans top the most prevalent malware families observed during 2019
- The volume of attacks is increasing due to the sale of “As a Service” platforms allowing less sophisticated attackers access to more complex tools for as low as several US dollars a month
- 2020 will continue to see organizations targeted by organized cybercriminal groups or nation-state sponsored threat actors. eCrime groups will continue to focus on big gains by going after large organizations, while nation-state actors will focus on IP theft and will continue to target utility companies and commercial or defense contractors to gain advantage and minimize R&D and manufacturing gaps among nations.
“In-depth understanding of the threat landscape and how threat actors conduct operations are key factors in helping our customers protect their businesses,” says Daniela Perlmutter, VP of Marketing for CyberInt. “Continuously monitoring threats in real time as well as investigating and tracking their TTPs and infrastructure delivers an in-depth perspective of the behaviors and motivations that is critical for threat detection and mitigation.”
While highly sophisticated organized cybercriminal groups and nation-state sponsored threat actors pose ongoing threats, less sophisticated attacks using the “as a service” platforms available in the underground economy are increasing in prevalence, becoming serious threats for enterprises.
“Cybercriminals keep using the same TTPs because they work,” says Adi Peretz, Head of Research at CyberInt. “Commoditizing the attack infrastructure allows less sophisticated threat actors to gain access to more effective tools and poses an increasing risk to organizations’ IT infrastructure.”
The analysis is based on the combination of data collected by CyberInt’s Argos Threat Intelligence Suite and further in-depth investigative activities by CyberInt researchers and analysts who contextualize, categorize, correlate, and enrich the intelligence data.
CyberInt’s unique value proposition transforms cybersecurity into a business enabler, combining cyber expertise and profound business understanding within each market, delivering insights and actions that protect what matters most: business goals, customers, employees, and brand. CyberInt’s solutions combine integrated insights from human-driven machine learning technology with highly experienced cyber analysts to ensure zero false positives and deliver threat mitigation recommendations and proactive defense services.
A copy of the report is available for download