Cyber-criminals are continuously evolving to evade detection and disrupt operations. A new report from Accenture reveals five key areas CIOs should be aware of.
Cybercrime is a fast-paced world, with bad actors constantly networking, researching and testing out new tactics to increase reward and scale of attack.
2018 has been an intense year so far in cybersecurity, with an array of breaches and threats hitting headlines.
A new report from Accenture sheds some light on the five cybersecurity trends influencing the modern threat landscape, from supply chain threats to cryptocurrency mining.
With 71pc of organisations surveyed by Accenture Security iDefense saying they still have a lot to learn when it comes to threat mitigation, the research is a vital read.
Iran is on the rise
According to Accenture, Iran-based threat actors and groups look likely to continue their activities throughout the year, boosting their capabilities to boot.
Threat intelligence researchers have noted a growth in attack surface pertaining to Android devices, potentially leading to increased deliveries of malicious apps through the Google Play Store.
Iranian threat actors will also continue to work on developing and deploying repurposed ransomware. State-sponsored groups such as the Islamic Revolutionary Guard Corps Cyber Command may use such ransomware for future attacks against organisations or governments.
As well as going on the defensive due to tensions with the US, the government in Iran might take a more aggressive approach against neighbours such as Bahrain and Israel.
Supply chain threats still a massive issue
Third- and fourth-party attacks are a key trend for this year, as any CIO worth their salt knows.
While supply chains are crucial for enterprises, these networks are prime targets for bad actors zoning in on vulnerabilities. We have seen this with the plethora of third-party breaches.
The report said: “Firms that are cornerstones of the supply chains of other institutions bear the burden of evaluating threats as both suppliers and consumers.” Attacks such as Spectre, Meltdown and Petya were mentioned.
Nation-state groups are also adept at carrying out supply chain attacks. For example, a Chinese espionage group dubbed Pigfish used the compromise in CCleaner to perform targeted attacks. Accenture said that trusted third parties will continue to be vectors of intrusion. Audits are crucial.
Critical infrastructure in the crosshairs
According to the report, the oil and gas industries have a lot of work to do to prepare for the emerging cyber risks.
These industries will likely continue to be an attractive target due in part to the rise of the industrial internet of things and the potential for mass disruptions.
It recommends a cybersecurity culture that provides training for all involved and a communicative and collaborative approach. Third-party audits are again useful.
Advanced persistent threats are following the money
Advanced persistent threats are usually motivated by espionage, but the report shows that groups such as Cobalt Group and Fin7 have found success targeting restaurant chains and financial institutions.
The Cobalt Group alone is apparently responsible for $1.17bn worth of damage to the financial sector. Some state-sponsored groups also carry out money-grabbing attacks.
Cryptocurrency-mining malware craze
Cryptocurrency-mining malware emerged this year as one of the most popular forms of malware as it’s simple to use and provides people with a quick win.
Monero is the most popular currency in these cases, as criminals moved away from bitcoin towards altcoins. Espionage groups also take advantage of this attack vector.
As well as these five cybersecurity trends, GDPR implementation is influencing data-for-ransom attacks, and ransomware extortion continues to rise.
As opposed to reacting to a cybersecurity incident, the report urges IT security managers to adopt a model of continuous response.