Ken Turbitt Blog
Aidan Lawes Blog
Paul Gostick Blog
Dr Jenny Dugmore Blog
Shirley Lacy Blog
Alim Ozcan Blog
Juan Jimenez Blog
Ian Clayton Blog
Nas Ozcan Blog
Aidan Mills Blog

Digital Health Technology Vision 2018
Health organizations are embracing intelligent technologies but must do more to prepare for societal impact...

Ten Strategic Technology Trends for Government
Technologies that enable new service models for digital government must be at the top of the list for government organizations as they prioritize technology investments...


The Robots are Coming: Are CEOs Ready for the Era of Automation?
CEOs agree that robotics is going to make their companies more efficient, with 94% of those who've already adopted robotics saying that it's increased productivity in their business...


The 2015 Chief Digital Officer Study
More companies are appointing a Chief Digital Officer to join their C-suite - but are they doing it quickly enough?...


18th Annual Global CEO Survey
The United States has overtaken China as top target for growth for the first time in five years...

9 August 2018 | ITSM
Send to a colleague | Add to MY ITP

Report Identifies Five Global Cybersecurity Threats
Accenture has identified five key areas that are influencing the cyber threat landscape...

Organizations and critical infrastructure will likely experience a greater number of, and more-destructive cyberattacks, including physical damage perpetrated by highly funded rogue nation states and cybercriminals looking to disrupt business operations, make money or spy on targets, according to a new report from Accenture.

Specifically, the report predicts an escalation of Iran-based cyber-threat activity; a broadening attack of global supply chains; increased targeting of critical infrastructure; as well as new and growing avenues of financially motivated cybercrime.
The Cyber Threatscape Report 2018 examines trends in cyber threats observed and analyzed during the first half of the year and explores how cyber incidents might evolve over the next six months. The report is based on intelligence collection and analysis from Accenture Security’s iDefense threat intelligence operations, including research using primary and secondary open-source materials. It notes the increased prevalence of destructive attacks; the aggressive use of information operations by nation-states; the growth in the numbers and diversity of threat actors; as well as the greater availability of exploits, tools, encryption and anonymous payment systems available to malicious actors.

“Our threat intelligence teams have spent the last 20 years keeping close track of threat actors and cyber crooks and the creative ways they might try to break into networks,” said Josh Ray, managing director at Accenture Security. “To protect against these emerging threats and respond if they should fall victim to an attack, organizations must be proactive in thinking about business risk on a day-to-day basis. Learning from previous incidents and understanding what is coming next based on timely and actionable threat intelligence is key to keeping data and systems safe.”

The report outlines five key threats:     
Threat #1: The Iranian cyber threat is real

Although Iran is generally perceived as an emerging cyber power, new evidence shows Iran-based threat actors and state-sponsored groups are expanding their malicious activities and capabilities. Accenture’s threat intelligence analysts have observed that the PIPEFISH cyber-espionage threat group continues to be highly active and is advancing its toolset. This threat group has been primarily targeting Middle Eastern organizations in the energy sector across countries such as Saudi Arabia, Qatar and United Arab Emirates for surveillance and espionage objectives. Newly uncovered malware from PIPEFISH has the ability to execute remote commands and to upload and download files from the victim’s system. Additionally, analysis has identified the emergence of Iran-based ransomware, indicating that Iranian cybercrime actors are likely to target global organizations by using ransomware as well as cryptocurrency miners for financial gain.

Threat #2: Nation-states look to exploit third- and fourth-party environments

Cybercriminal, espionage and hacktivist groups will continue to target supply chains, and the strategic business partners that contribute to them, for monetary, strategic and political gain. For instance, Accenture’s threat intelligence analysts believe that a China-based group of hackers known as PIGFISH is targeting organizations in multiple industries to fulfil collection requirements for various espionage missions and simultaneously gain access to additional supply-chain attack capabilities and resources. As cyber adversaries continue to use trusted third parties as vectors of intrusion, attribution and intent will become more challenging.

Threat #3: Critical infrastructure is a tempting high-value target for threat actors

The oil and natural gas industry will continue to be an attractive target for threat actors for the remainder of 2018. On the international front, Russian state actors could sponsor disruptive or espionage-related cyber operations or support hacktivists in the name of protecting the environment to contain new competition to its largest energy market. Another key factor is rising oil prices, which could create incentives for threat actors in North Korea to launch ransomware attacks and other financially motivated cyber threat activities, such as cryptojacking, in order to circumvent sanctions and raise money.

Threat #4: Radical shift in alternative cryptocurrency mining malware

The use of miner malware has been one of the largest growth areas in cybercrime this year, and its growth will likely continue into 2019. Recent observation of criminal underground activity has revealed a plethora of advertisements by malware authors and resellers for Monero miner malware. The variety of malware available ranges from generic and cheap entry-level malware to vast botnets of compromised devices infected with custom malware. 

Threat #5: Advanced persistent threat (APT) operations becoming more financially motivated

While many APT-style cyberattacks are carried out for the purpose of espionage, financially motivated cybercriminals have been stepping up their game since as early as 2013. These prolonged, multi-stage cyberattacks are increasingly being carried out by cyber criminals who are expanding their capabilities to include traditional cyber espionage tools, techniques and procedures as well as the use of new malicious tools to attain financial rewards. The level of activities from financially motivated targeted attack threat groups like Cobalt Group and FIN7 will remain significant but lower in volume in 2018 than in 2017.

For additional information or to view the “The Cyber Threatscape Report 2018” click on the link https://accntu.re/2OkB5ou.

Accenture Email to a colleague | Add to MY ITP

terms & conditions