My last post introduced Fidelis Cybersecurity’s effort to empower board members in their battle against cyber attacks by offering real-world counsel regarding the management of incident response via a NYSE-published cybersecurity guide entitled Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers. We now take a deeper look at understanding the threat actors and threat lifecycle in order to better anticipate, detect, and respond faster to attacks.
Experts predict that cyberattacks will intensify as cyber criminals accelerate their activities. To make matters worse, attackers have sharpened their skills and expanded their techniques over the last couple of years. Now, cybercrime has advanced to include cyber warfare and cyber terrorism as nation-state actors have moved from disruptive to destructive attacks, presenting organizations with new challenges. Board directors and C-level executives are clearly fighting a war against cyber attacks – but exactly who are they battling? Hacktivists? Organized cyber criminals? Or nation-state actors?
Battles are won by understanding the enemy. This is vital, as motivations among the groups may differ:
- Hacktivists often seek to cause disruption to damage the reputation of an organization.
- Organized cyber criminals include international crime syndicates targeting organizations largely in the financial services and retail industries for financial gain. Although there are a number of players, this arena is dominated by loosely knit teams of attackers located in Eastern Europe.
- State-sponsored espionage threat actors deploy targeted malware in stealthy, multi-stage attacks, sometimes called advanced persistent threats (APT), targeting intellectual property.