According to a cyber threat intelligence firm’s Annual Threat Landscape Report, a growing eCrime economy is behind increasing attacks against the financial services, retail, and government sectors. The financial industry is the most targeted industry worldwide, accounting for more than one third of all targeted attacks. Retail is the third most targeted worldwide, behind manufacturing in the Americas and government targets in APAC (Asia-Pacific) and EMEA (Europe, Middle East and Africa), according to the Israeli firm CyberInt.
Banking trojans top the most prevalent malware families observed during 2019. The volume of attacks is increasing due to the sale of “As a Service” platforms allowing less sophisticated attackers access to more complex tools for as low as several US dollars a month.
The firm predicts that 2020 will continue to see organisations targeted by organised cybercriminal groups, or nation-state sponsored threat actors. What the firm terms eCrime groups will continue to focus on big gains by going after large organisations, while nation-state actors will focus on IP theft and will continue to target utilities and commercial or defence contractors to gain advantage and minimise R&D and manufacturing gaps among nations.
Daniela Perlmutter, VP of Marketing for CyberInt says: “In-depth understanding of the threat landscape and how threat actors conduct operations are key factors in helping our customers protect their businesses. Continuously monitoring threats in real time as well as investigating and tracking their TTPs and infrastructure delivers an in-depth perspective of the behaviours and motivations that is critical for threat detection and mitigation.”
And less sophisticated attacks using the “as a service” platforms available in the underground economy are increasing in prevalence, becoming serious threats for enterprises, the cyber firm adds.
Adi Peretz, Head of Research at CyberInt says: “Cybercriminals keep using the same TTPs because they work. Commoditising the attack infrastructure allows less sophisticated threat actors to gain access to more effective tools and poses an increasing risk to organizations’ IT infrastructure.”
The firm has used data collected by its Argos Threat Intelligence Suite. See also the company’s blog.
