The top five key areas according Accenture: Iranian threat is a growing force to be reckoned with; Extended supply chain threats are challenging the ecosystem; Critical infrastructure is a high-value target for threat actors; Advanced persistent threats are becoming more financially motivated, and Miner malware is creating a cryptocurrency surge
The top cyber threats that are influencing the global cyber risk landscape are five. They have been identified by Accenture in the “Cyber Threatscape 2018” report. They are Iran-based threat actors who develop and use ransomware and repurpose popular malware; Nation-state-sponsored, hacktivist-driven attacks on IIoT (industrial internet of things) systems increasing in the utilities, oil and natural gas, and manufacturing industries; Critical infrastructure as a tempting high-value target for threat actors; Advanced persistent threat (APT) operations becoming more financially motivated, and The radical shift in alternative cryptocurrency mining malware. The sources are rogue nation states (cyber warfare) and the cybercrime. Their aim is to disrupt business operations, make money, or spy on targets across organizations and critical infrastructure.
The Iranian cyber Threat
“Iranian threat is a growing force to be reckoned with Iran-based threat actors and threat groups are likely to continue to grow their malicious activities and capabilities in the foreseeable future.” the report stated. “Organizations, businesses and governments should proactively build resilience against Iran-based threat actors. The development and use of ransomware from Iran is likely to continue. The increased repurposing of popular malware by Iranian-based threat actors could lead to the use of ransomware for destructive purposes by state-sponsored organizations”.
Extended supply chain threats are challenging the ecosystem
“Cyber-adversaries have slowly shifted their attack patterns to exploit third- and fourth-party supply chain partner environments to gain entry to target systems, even in verticals with mature cyber security standards, frameworks, and regulations.” Accenture revealed. “Organizations operate in a complex and challenging environment. iDefense believes cyber-criminal, espionage and hacktivist groups will continue to target supply chains and the strategic business partners that contribute to them for monetary, strategic and political gain.
Critical infrastructure is a high-value target for threat actors
“The oil and gas industry will continue to be an attractive target for threat actors, given the disruption that a cyber incident could inflict on the security and economy of an oil-producing country.” the document explains. “The oil and gas industry organizations need to hire new talent to manage and support emerging technologies and should align IT-OT convergence with IT and OT priorities”. Furthermore, the Advanced persistent threats (APT) are becoming more financially motivated. “Financially motivated cyber criminals are stepping up their game. Groups such as Cobalt Group and FIN7 have been targeting large financial institutions and restaurant chains successfully. FIN7 continues to innovate, with analysts having observed a new version of the Bateleur malware, version 1.1.0, in April 2018. FIN7 has been less active than in the previous year, but the threat is still present”.
Miner malware is creating a cryptocurrency surge
Finally, “Cyber criminals have grown their use of cryptocurrency miner malware and is likely to continue into 2019 in a shift toward malware mining alternative cryptocurrencies, most notably, Monero. Ransomware continues to be the most prevalent attack vector for extortion operations, with attacks doubling from 2016 to 2017, rising from 13 percent to 27 percent of all reported incidents targeting corporations”.