How cybercriminals work together to take down your organization

Thought leadership

Hear from Egress VP of Threat Intelligence, Jack Chapman, on how criminals gangs are working together to breach organization’s defenses.

Share Video

Ransomware gangs such as REvil are creating global headlines with their ongoing attacks. Recently, chemotherapy treatments in Vermont were delayed, meat plants were temporarily shut down across the United States, and an attack on the company that owned the Colonial Pipeline set off a panic up and down the East Coast spurring a real-life fuel shortage.

Cybercriminals can be dangerous when they work as lone wolves – and even more so when they collaborate as part of a wider network. Unfortunately, that’s exactly what’s happening. Criminals are working together in order to share intelligence, create new hacking software, and evade security defenses.

Cybercrime ‘as-a-service’

Cybercrime is big business. If it were measured as a country, then it would be the world’s third-largest economy after the U.S. and China. Cybercrime is predicted to inflict damages totaling $6tr USD globally in 2021 and is making headlines on a regular basis.

These hackers are no longer the sinister individual alone behind a screen, they are a complicated online network that distributes, shares, and sells data and tools on the dark web. They operate in a similar way to a business does – they’re assessing their marketplace, competitors, and doing SWOT analyses to create a pipeline of features for their hacking tools.

As their organization increases, so does the sophistication and success rate of their attacks. And the payload that’s making headlines and keeping business up at night (with good reason) is ransomware.

Rising tide of ransomware

Ransomware is a rapidly growing problem, and criminals are increasingly turning to others within the hacker community to buy access into corporate networks. A successful ransomware attack can be highly lucrative for a criminal gang, so it’s no surprise how popular they are.

It works like any other online marketplace (albeit on the dark web) – where vendors can advertise and sell their malware. This means we often see multiple criminal gangs using the same malware payloads for ransomware. It’s time IT leaders paid some serious attention to how ransomware is being delivered into their organizations.

Delivering ransomware through phishing

Cybercriminals are developing a wide range of techniques, but there’s a particular focus right now on creating new and sophisticated phishing attacks to deliver ransomware. These attacks target the human layer of a business – as a phishing attack only works when someone falls for it on the other end within the target organization. Unfortunately, these attacks are often successful.

It’s estimated that over 90% of ransomware attacks in the US are now delivered via email phishing. Traditional security solutions were set up to deal with mass (often poorly designed) phishing attacks and are simply unable to keep pace with the more innovative attacks we’re seeing today.

Human layer security: An intelligence defense

These phishing attacks target the human layer – so an organization’s defenses need to focus on the human layer too. Egress Defend is an intelligent anti-phishing solution that uses machine learning to analyze both the content and context of all inbound emails, giving users an educational traffic-light system that alerts them to phishing attacks in real time.

Time to secure your human layer against the growing threat of organized criminal networks? Learn more about Egress Defend here, or if you’re ready to give it a no-strings attached trial, we’ll be more than happy to set you up with a demo.

You might also be interested in ...