OpenText Cybersecurity's 2024 Threat Hunter Perspective Shows Collaboration Between Nation-States and Cybercrime Rings to Inflict More Damage
Adversaries are taking advantage of weak security fundamentals and a lack of countermeasures to carry out cyberattacks
For CISOs, the question isn't whether attacks will happen, but what form they'll take and how enterprises can prepare. According to
"Our threat intelligence and experienced threat hunting team have found that nation-states are not slowing down and, as notable events like the
Highlights from this year's report, which explores comprehensive findings from
- Organized crime rings are supporting attacks by nation-states—possibly through direct collaboration or coordination—by attacking the same targets at the same time.
  - Russia has been seen to collaborate with malware-as-a-service gangs including Killnet, Lokibot, Ponyloader and Amadey.
  - China has entered into similar relationships with the Storm0558, Red Relay, and Volt Typhoon cybercrime rings, typically to support its geopolitical agenda in the South China Sea.
- The top threats include Killnet (DDoS attacks), Lokibot (info-stealing malware) and Cobalt Strike (penetration testing tool used by APT groups).
- Attackers are keyed in on specific events, especially major holidays, military aid to Ukraine, turning the upcoming U.S. presidential election into a time of imminent peril. Nation-states also target specific days of the week for cyberattacks:
  - Russian cyberattack activity typically follows a Monday through Friday schedule with spikes within 48 hours of an adversarial announcement.
  - Chinese attacks don't follow a set schedule, though any data exfiltration is typically slated for Friday afternoons or Saturdays, when it's more likely to be missed, with the data broken into smaller chunks to further reduce suspicion.
- Evasion, misdirection and masquerading are helping adversaries get around defenses designed for direct attacks. Many attacks are taking advantage of weak security fundamentals, with victims increasing their vulnerability by not taking basic countermeasures.
- Nations with weaker cyber defense infrastructure, like the Democratic Republic of Congo, Argentina, Iran, Nigeria, Sudan, Venezuela and Zimbabwe, have all been compromised, broadening the range of potential sources for a large-scale attack.
- Global supply chains offer another indirect means of inflicting damage where the attacker might target the operations of a port or transportation network to disrupt a military aid shipment to have an indirect but significant impact on the primary target.
About OpenText Cybersecurity
OpenText Cybersecurity provides comprehensive security solutions for companies and partners of all sizes. From prevention, detection and response to recovery, investigation and compliance, our unified/end-to-end platform helps customers build cyber resilience via a holistic security portfolio. Powered by actionable insights from our real-time and contextual threat intelligence, OpenText Cybersecurity customers benefit from high efficacy products, a compliant experience and simplified security to help manage business risk.
About OpenText
OpenText™ is the leading Information Management software and services company in the world. We help organizations solve complex global problems with a comprehensive suite of Business Clouds, Business AI, and Business Technology. For more information about
Certain statements in this press release may contain words considered forward-looking statements or information under applicable securities laws. These statements are based on OpenText's current expectations, estimates, forecasts and projections about the operating environment, economies, and markets in which the company operates. These statements are subject to important assumptions, risks and uncertainties that are difficult to predict, and the actual outcome may be materially different.
Copyright © 2024 OpenText. All Rights Reserved. Trademarks owned by
View original content to download multimedia: https://www.prnewswire.com/news-releases/opentext-cybersecuritys-2024-threat-hunter-perspective-shows-collaboration-between-nation-states-and-cybercrime-rings-to-inflict-more-damage-302260809.html