The Changing Landscape of Cyber Threats
Just as climate change is creating more serious storms, changes in the nature of cyber threats are creating storms of a different kind. The Accenture 2019 Cyber Threatscape Report (https://www.accenture.com/us-en/insights/security/cyber-threatscape-report?c=acn_glb_cyberthreatscaptwitter_11006956&n=smc_0819) shows a “distinct and dangerous shift” in threat actor activity. As summarized on the Cyber Security Intelligence website, five factors are influencing the cyber threat landscape:
- Cyber threat actors are taking advantage of high profile global events by seeking to influence mass opinion as they target global businesses.
- As law enforcement steps up activity against cyber criminals they are adapting to remain operational. While conventional attacks will continue to pose a significant threat, criminals will shift their operations by working within syndicates, taking advantage of local environments, precision targeting using legitimate documents to identify potential victims, or selling and buying direct access to networks for ransomware delivery.
- Ransomware attacks may have hybrid motives, ideological or political in addition to financial. Self-propagating ransomware such as WannaCry increases the threat level.
- Cybersecurity hygiene is improving, pushing criminals to target “low hanging fruit” in supply chains, including hardware and software providers and the cloud.
- Vulnerabilities in computer cloud infrastructure have been discovered in the last two years. Criminals can use side channels to read sensitive data. Mitigations are available but at a cost of reduced performance.
The cost of cybersecurity is increasing, but improvements make it harder for threat actors to disrupt or breach networks.