Ongoing Geopolitical Tensions Involving China, Russia, North Korea and Iran are Leading to Cyberattacks
A new report suggests that China and Russia alone account for 47% of cyber-attacks throughout 2019. Within all cyber-attacks, the use of custom malware and process hollowing is growing, destructive/integrity attacks are increasing, and a new form of island hopping is worrying.
While it is problematic to attribute sources of attacks, these details come from the latest VMware Carbon Black Global Incident Response Threat Report (PDF). "What makes this study unique," Carbon Black's head security strategist Tom Kellermann told SecurityWeek, "is that it is not limited to VMware Carbon Black facts and figures. The thirty largest incident response and MSSP firms in the world contributed to this study, from SecureWorks to Booz Allen and Deloitte, and across all of their investigations over the last six months."
The findings described in the report come from incident responders working in the field rather than from a survey of opinions or a single company's private telemetry. "These incident responders," continued Kellermann, "are suggesting Russian and Chinese sources from the nature of the forensic footprints and the secondary C2 locations, not just the primary C2 locations, they discover. That doesn't dismiss the possibility of false flag and proxying operations, but combined with human intelligence on the malicious code, possible motives and cui bono? [who benefits?] applied to the situations, this is probably quite accurate."
Underlying the source of attacks is the current global geopolitical tension. Attacks from Iran are increasing -- and indeed, from the U.S. itself. ..
Support the originator by clicking the read the rest link below.
