[ad_1]
The most advanced hacking groups are becoming more and more daring when conducting campaigns, as the number of organizations targeted by larger campaigns has increased by almost a third.
A combination of new emerging groups and menacing actors developing effective network connection strategies has seen the average number of organizations targeted by the most active hacking groups increase from 42 between 2015 and 2017 to 55 in 2018.
The figures, detailed in Symantec's annual report on Internet security threats, suggest that the twenty most prolific hacking groups are targeting more and more organizations as attackers increasingly take on more and more attacks. confidence in their activities.
Groups such as Chafer, DragonFly, Gallmaker and others are all conducting highly targeted hacking campaigns to gather information about companies that they believe hold valuable information.
Once the attackers may have needed the last days to zero in order to gain access to the company's networks, it is now phishing emails containing malicious content, who are most likely the ones who provide them with the initial input they need.
And because these spying groups are very knowledgeable in what they do, they have proven ways to conduct activities once they are in a network.
"It's like they had steps they were going through to make themselves efficient in the networks, then moving sideways to get what they wanted," ZdNet Orla Cox told reporters. , director of Symentec's security unit.
"This makes them more efficient and, for organizations, harder to spot because much of the activity looks like a traditional activity," she added.
In many cases detailed in the report, attackers are deploying what Symantec calls a "living out of the earth" tactic: they use everyday professional tools to help them travel the company network and steal data, making campaigns more efficient. difficult to discover.
Not only is the number of targeted campaigns on the rise, but the targeted organizations are more diverse. Organizations such as utilities, governments, and financial services have regularly fallen victim to gangs of organized cyber criminals, but increasingly, these groups are extending their attacks to new targets.
"In the past, they were clearly focused on a sector, but now we see that these campaigns can target a wide range of goals, from telecommunications companies to hotels, to universities." is more difficult to accurately define the ultimate goal, "said Cox.
Although intelligence gathering remains the primary goal of many of these campaigns, some are beginning to develop their campaigns and are also showing interest in compromising systems.
This trend is particularly worrisome, because if data theft is already a bad thing, hackers capable of running cyber-physical systems could be much worse.
One of the groups seen by Symantec in this activity is a hacking operation called Thrip, which has shown particular interest in taking control of satellite operations, which could potentially cause major disruption.
Faced with the resurgence of targeted attacks, governments are increasingly pointing fingers not only at nations but also at individuals suspected of being involved in cyber espionage. For example, the United States has named individuals they believe are responsible for cyberattacks: they include citizens of Russia, North Korea, Iran and China. The Symantec report suggests that the indictment could disrupt some targeted operations, but it is unlikely that cyber espionage campaigns will disappear any time soon.
READ MORE ABOUT CYBER CRIME
Source link
