
5 Types of Cyber Crime Groups


Trend Micro’s Eric Skinner, VP of market strategy, and Chris Lafleur, Sr. global incident response program manager, discuss the new Rhysida ransomware attack on the healthcare sector and remediation strategies for organizations.

Read more: How to Prevent Ransomware as a Service (RaaS) Attacks

Reliable web hosting services that can withstand abuse complaints and law enforcement takedown requests are critical to keeping a cybercriminal operation running smoothly and covertly. Bulletproof hosting services are essentially leased hideouts where malicious actors can store files or even the malware necessary for their attack campaigns.

Void Griffin offered its first fast-flux bulletproof hosting service in 2015 and has been home to many different APT groups and prominent malware families since.

Read more: Looking into The Void: Probing a Top Bulletproof Hosting Service

Cybercriminals have turned to crowdsourcing their offensive research and development processes to find new attack methods. This relatively new type of cyber crime has increased in the last two years. Trend Micro Research observed an uptick in malware actors holding public contests in the criminal underground to find new creative attack methods.

Some contests will seek talent (like The Voice or American Idol), but these are rarer. Most contests are seeking knowledge; they’re looking for technical articles on new attack techniques, vulnerabilities, etc. And yes, a prize, or even multiple prizes, is awarded to the best or most innovative technical proposal. Oftentimes the requests are generic rather than limited to a specific domain.

Trend Micro Research anticipates an increase in the number of crowdsourcing competitions, which in turn will accelerate criminal innovation. And such evolutions do not need to be major; small tactical wins can allow criminals to bypass current defenses.

Read more: From Bounty to Exploit: Cybercriminals Use Crowdsourcing for New Attacks

According to Verizon, 78% of organizations experienced email-based ransomware attacks in 2021. Not only is phishing common, but it’s costly: email-based attacks cost large enterprises almost $15 million USD annually.

Like RaaS or AaaS, this attack technique allows anyone with even entry-level knowledge of the cybersecurity landscape to deploy a phishing attack. Cybercriminals act as a service provider on behalf of others in exchange for payment and/or a portion of a ransomware payout.

Wannabe scammers can also purchase a phishing kit, which includes the capabilities and tools required to launch an attack, such as email templates, spoof website templates, contact lists of potential targets, etc.

Read more: Phishing as a Service Stimulates Cybercrime

Cybersecurity Defense Strategies

So, how can you address the different types of cyber crime groups? Unfortunately, enterprises can’t jump into the cybercriminal underground and stop crowdsourcing. But they can work to prevent or limit the scope of the outcome by implementing a cybersecurity defense strategy that focuses on detecting and preventing the initial access breach.

The earlier you can detect the initial access of an attack, the more likely you can prevent the following components of the attack lifecycle from occurring, like ransomware. Here are other components to consider when creating an effective security strategy:

1. Partner with a security vendor that leverages global threat research to constantly monitor public breaches and bulletproof hosting services in the criminal underground. This ensures your solutions are optimized to defend against the latest threats. Additionally, by proactively locating and blocking the bulletproof hosting infrastructure, defenders can block attacks in the earlier stages of the kill chain.

2. Follow a zero trust approach to network security by implementing a SASE architecture. SASE is composed of Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), and Cloud Access Security Broker (CASB) capabilities to strengthen protection and control across the attack surface.

3. Establish an incident response (IR) playbook to surface any security gaps. Make sure your IR teams or vendor understand the multi-attacker scenario and know where to focus their efforts.

4. Establish a strong patch management strategy to limit the scope of exploits. This should include identifying the most relevant patches, making a zero-day exploit plan, communicating with vendors, and utilizing virtual patching.

5. Leverage trusted cybersecurity frameworks for password best practices, like those from the National Institute of Standards and Technology (NIST) and the European Union Agency for Cybersecurity (ENISA). The Center for Internet Security (CIS) provides thorough guidance on prioritization and resource management, as well as on filling any gaps that could be exposed by attackers.

6. Use a unified cybersecurity platform with XDR capabilities to help consolidate and correlate threat activity across endpoints, cloud, networks, email, etc., for more visibility.

For more insights into types of cyber crime groups and how to strengthen your defense strategy, check out the following resources:
