Cybersecurity teams working in federal agencies face similar challenges to their counterparts in the private sector. A recent examination of the threat landscape reveals emerging and expanding trends that are important to both. However, a few stand out as particularly relevant to those tasked with securing our federal networks. These include:
The growth of ransomware as a service.
EternalBlue and BlueKeep activity.
The use of old-school tactics, such as elevated attempts to inject/execute code.
Security teams at federal agencies need to be aware of these attack trends in order to stay a step ahead of cyber criminals pursuing malicious agendas. And for federal networks, the added layers of compliance, budgetary uncertainties, and what is ultimately at stake—our national security—add more complexity to the business of staying secure.
Here is what federal agencies should be aware of now and in the months ahead:
The Ransomware-as-a-Service Movement Grant Powerful Options to Anti-Government Groups
Ransomware as a service, or RaaS, has lowered the bar for entry for the cybercriminal underworld of operators. Even without the technical skills required to develop and deploy their own original malware attacks, criminal groups can now rent existing attack services, disseminating malware to their targets in exchange for a cut of the profits. As recent research shows, this has resulted in an expansion of malware as a service, including ransomware, which continues to grow in volume each quarter.
The GandCrab strain of ransomware set the bar for malware services, netting its developers an estimated $2 billion before it was shuttered. Their affiliate model relied upon a network of partners who leve ..
Support the originator by clicking the read the rest link below.
