Malware economy is booming — Sophos – Back End News


According to the latest report from cybersecurity firm Sophos, the commercialization of cybercrime drove an uptick in nearly all types of cyberattacks in 2022. The malware economy is booming, which means no organization is immune to cyberthreats.

The Sophos 2023 Threat Report details the current cyberthreat landscape, including which ransomware groups to watch for and the tools, tactics, and procedures (TTPs) used by today’s adversaries to execute attacks. 

Scott Barlow, vice president of Managed Service Providers (MSP) and Cloud Alliances, Sophos Global, shares what organizations can expect in the 2023 cyberthreat landscape:

1. The commercialization of cybercrime isn’t slowing down

Although ransomware-as-a-service (RaaS) isn’t a new phenomenon, the widespread adoption of the “as-a-service” model has made nearly every component of cybercrime available for purchase. Many bad actors specialize in one element of an attack (like initial ransomware infection or data extraction) and market and sell their tools and services on forums on the dark web.

Cybercriminals also use these forums to identify and recruit talent, growing their “organizations” and adding new capabilities. The proliferation of sub-cybercrime markets makes the most sophisticated tools and tactics available to every cybercriminal.

2. Demand skyrockets for infostealers and stolen credentials

Infostealers and infostealing malware like keyloggers and remote access trojans (RATs) have always played a key role in the cyberthreat landscape. But the rise in demand for stolen credentials placed an even brighter spotlight on infostealing. Even though attackers historically relied on virtual private networks (VPNs) and remote desktop protocols (RDPs) to gain network access, stolen credentials provide more entry points and can be used to move laterally. For example, a bad actor can leverage stolen credentials to impersonate employees of an organization and bypass authentication measures.

The credential theft marketplace is also an effective way for attackers to get a foot in the door to the world…
