Small supplier Trojan risk rife in transport: cyber report

Half of all state-sponsored cyber attacks will be aiming to steal sensitive data from the world’s richest countries and will often target their transport infrastructure through supply chain vulnerabilities, according to a new ‘Who’s Who’ of potential cyber attackers.

Thales and Verint, the authors of The Cyberthreat Handbook, endeavours to provide a classification and basis for further investigation of major groups of cyber attackers, including cybercriminals, cyberterrorists, hacktivist groups and state-sponsored hackers.

As part of the strategic partnership to create a comprehensive, state-of-the art cyber threat intelligence technologies, threat intelligence analysts from Thales and Verint have worked together to provide this unique 360 degree view of the cyber threat landscape, with detailed descriptions of the activities of about sixty particularly significant groups, including their tactics and techniques, their motives and the sectors targeted from analysis of multiple data sources such as web and threat intelligence.

As cyber security grows in importance, Thales and Verint said they have worked together to find out more about cyber attackers and the techniques they employ, the purpose being to help organisations in the private and public sectors to better detect and anticipate future attacks. The cyberthreat landscape is extremely diversified and knowing one’s enemies can be particularly complex in this world of subterfuge and deception.

After a year-long investigation, teams of analysts from both businesses have produced detailed profiles of around 60 major groups of cyber attackers by studying 490 attack campaigns they have perpetrated throughout the world.

In what they claim to be a report of unprecedented scope, analysts from Thales and Verint have defined four major categories of attackers based on their motives and ultimate objectives.

Out of approximately 60 major groups of attackers analysed, 49 per cent are state-sponsored groups often aiming to steal sensitive data from targets of geopolitical interest. Twenty six per cent are ideologically motivated hacktivists, closely followed by cybercriminals (20 per cent) who are driven by financial gain. In fourth position, cyberterrorists account for 5 per cent of the groups analysed.

All the world’s major economic, political and military powers are priority targets of cyber attackers. The 12 countries in the world with the highest GDP are all at the top of the list of targets, headed by the United States, Russia, the European Union (particularly the United Kingdom, France and Germany) and China, followed by India, South Korea and Japan.

The sectors most targeted by these major attacks are states and their defence capabilities, followed by the financial sector, energy and transportation. Attacks on the media and health industries are also increasing fast.

A growing number of groups of attackers are also focusing on vulnerabilities in the supply chain, and in particular on smaller partners, suppliers and service providers that are used as trojans to access major targets.

“As cyber threats proliferate and evolve, cyber security clearly has a major role to play, particularly for critical infrastructure providers,” said Marc Darmon, executive vice president, secure communications and information systems, Thales, adding, “it is our duty to analyse, understand and describe the techniques employed by cyber attackers so that our customers and all other businesses and organisations are better prepared to detect and anticipate future attacks.”

“This report generates unique insights and knowledge to cyber and security experts to mitigate and foresee cyber attacks,” added Elad Sharon, president, Verint Cyber Intelligence Solutions