DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Security

Highest Percentage of Cybercrime Activity Originates in Russia

DigitalCIO Bureau by DigitalCIO Bureau
October 18, 2023
in Security, Tech News
0
Highest Percentage of Cybercrime Activity Originates in Russia
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Netskope has published its Cloud and Threat Report: Top Adversary Tactics and Techniques, focusing on the techniques and motivators that were most commonly detected in the first three quarters of 2023 among Netskope customers globally. Netskope saw a significant number of criminal adversaries attempting to infiltrate customer environments, with Russia-based Wizard Spider targeting more organizations than any other group.

Most Pervasive Threat Groups

Netskope found that the top criminal adversary groups were based in Russia and Ukraine, and the top geopolitical threat groups were based in China. As the top group attempting to target users of the Netskope Security Cloud platform, Wizard Spider is a criminal adversary credited with creating the notorious, ever-evolving TrickBot malware. Other active criminal adversary groups relying heavily on ransomware included TA505, creators of Clop ransomware, and FIN7, who used REvil the ransomware and created the Darksideransomware, while geopolitical threat groups were led by memupass and Aquatic Panda.

Geopolitical adversaries target specific regions and industries for their intellectual property, as opposed to financially motivated actors who develop playbooks optimized for replicable targeting, where they can recycle tactics and techniques with minimal customization.

Vertical and Regional Threats

Based on Netskope findings, the financial services and healthcare industry verticals saw a significantly higher percentage of activity attributable to geopolitical threat groups. In those verticals, nearly half of activity observed comes from these adversaries, as opposed to financially motivated groups. Verticals such as manufacturing, state, local, education (SLED) and technology saw less than 15% of activity coming from geopolitical-motivated actors, with the remaining threats being financially motivated.

From a regional perspective, Australia and North America have the highest percentage of attacks from adversary activity attributable to criminal groups, while other parts of the world, such as Africa, Asia, Latin America, and the Middle East led in geopolitical motivated attacks.

Top Techniques

Spearphishing links and attachments are the most popular techniques for initial access so far in 2023, and as of August, adversaries were three times more successful at tricking victims into downloading spearphishing attachments compared to the end of 2022. While email continues to be a common channel used by adversaries, the success rate is low due to advanced anti-phishing filters and user awareness. However, adversaries have found this recent success using personal email accounts.

So far in 2023, 16 times as many users attempted to download a phishing attachment from a personal webmail app compared to managed organization webmail apps. 55% of malware that users attempted to download was delivered via cloud apps, making cloud apps the number one vehicle for successful malware execution. The most popular cloud app in the enterprise, Microsoft OneDrive, was responsible for more than one-quarter of all cloud malware downloads.

“If organizations can look at who our top adversaries are and the incentives that motivate them, then you can look at your defenses and ask, ‘What protections do I have in place against those tactics and techniques? How will this help me hone in on what my defensive strategy should be?’” said Ray Canzanese, Threat Research Director, Netskope Threat Labs. “If you can defend effectively against the techniques outlined in the report, you’re defending effectively against a really wide swath of adversaries. No matter who you’re up against, you’ll have defenses in place.”

Key Takeaways for Organizations

Based on these uncovered techniques, Netskope recommends organizations evaluate their defenses to determine how their cybersecurity strategy needs to evolve. The most pervasive techniques organizations need to be prepared to defend against include:

  • Spearphishing Links and Attachments- Implement anti-phishing defenses that go beyond email to ensure that users are protected against spearphishing links, no matter where they originate
  • Malicious Links and Files- Ensure that high-risk file types, like executables and archives, are thoroughly inspected using a combination of static and dynamic analysis before being downloaded
  • Web Protocols and Exfiltration over C2 Channel- Detect and prevent adversary C2 traffic over web protocols using a SWG and an IPS to identify communication to known C2 infrastructure and common C2 patterns
Tags: NetskopeRay Canzanese
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

Thales Completes Acquisition Of Imperva

by DigitalCIO Bureau
December 4, 2023
0
Thales Completes Acquisition Of Imperva

Thales has completed the acquisition of Imperva, earlier than expected (previously foreseen at the beginning of 2024). This is a key milestone for Thales, creating a global leader...

Read more

SolarWinds India Appoints Abhijit Banerjee as Managing Director

by DigitalCIO Bureau
December 4, 2023
0
SolarWinds India Appoints Abhijit Banerjee as Managing Director

SolarWinds has announced the appointment of Abhijit Banerjee as the new managing director of its India operations, including the region of South Asian Association for Regional Cooperation (SAARC) which...

Read more

AWS Announces Five New Amazon SageMaker Capabilities

by DigitalCIO Bureau
December 4, 2023
0
AWS Announces Five New Amazon SageMaker Capabilities

Amazon Web Services (AWS) has announced five new capabilities within Amazon SageMaker to help accelerate building, training, and deployment of large language models and other foundation models. As...

Read more

Vertiv Collaborates with Intel on Liquid Cooled Solution for the Intel® Gaudi®3 AI Accelerator Platform

by DigitalCIO Bureau
December 4, 2023
0
Vertiv Collaborates with Intel on Liquid Cooled Solution for the Intel® Gaudi®3 AI Accelerator Platform

Critical digital infrastructure provider Vertiv has revealed it is collaborating with Intel to provide a liquid cooling solution to support the new Intel Gaudi3 AI accelerator, scheduled to launch in...

Read more

LTIMindtree Partners with Metasphere to Deliver Smart Sewers Solutions

by DigitalCIO Bureau
December 2, 2023
0
Coforge and Newgen Elevates Partnership

LTIMindtree, a global technology consulting and digital solutions company, announced that it has been selected as a strategic partner by Metasphere, a wastewater application specialist, to scale their...

Read more
Next Post
Fortinet Announces Two New SD-WAN Services

Global MSSPs Select Fortinet Secure SD-WAN and SASE For Secure Networking Services

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

Trend Micro Ranks #1 in Attack Protection in Rigorous MITRE Engenuity ATT&CK Evaluations

Trend Micro Ranks #1 in Attack Protection in Rigorous MITRE Engenuity ATT&CK Evaluations

September 28, 2023

Twitter Curbs Access for 143,000 Apps

July 27, 2018

Walmart Announces Strategic Partnership with Microsoft

July 20, 2018

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

BROWSE BY TAG

Acquisition AI Amazon Web Services Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Big Data and Analytics Blockchain CISCO Cloud Cloud Computing Commvault CrowdStrike Customer Experience Cybersecurity Danny Allan Dell Technologies DigiCert Digital Transformation E-books Fortinet Gartner GenAI Generative AI IBM IDC Infographics Infosys Internet of Things (IoT) Microsoft Netskope New Relic Panel Discussion ransomware Salesforce SAP SonicWall Sophos Tenable Trend Micro Veeam Software Vertiv Webinars Whitepaper

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2023 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2023 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?