09-30-2020 , 04:01 PM
Quote: Cybercriminals today are extremely organized and often take advantage of social trends to deliver weaponized bundles used to launch an attack against victims. These bundles are typically delivered via phishing emails or malware web sites that include misinformation targeting fears and uncertainty. This technique often correlates with major trends or events, such as the pandemic, social movements like Black Lives Matter, or important governmental changes, for instance, the upcoming U.S. presidential election.
Organized cybercrime
Organized cybercrime is nothing new, however. For years, researchers have been following the commercialization of malware, with many criminal groups developing affiliate programs that pay cybercriminals to help spread and evolve a particular strain of malware. One such example is the wildly successful GandCrab ransomware, which allegedly reaped more than U.S. $2 billion in earnings for the group behind the malware in a 15-month period beginning January 2018.
Machine learning can provide solutions for data problems
One of the biggest challenges threat researchers face is the sheer volume of information they must sift through, including collecting, normalizing, validating, and analyzing threat data — all of which are very time-consuming tasks. For example, AT&T Alien Labs™, the threat intelligence unit of AT&T Cybersecurity, ingests as much as 20 million threat artifacts per day. This includes global observations on the evolving TTPs of threat actors, including the common tools, IT infrastructure, and other means they use in attacks. In order to turn this information into curated threat intelligence, threat researchers must go through multiple steps of validation and analysis — and they must do this quickly to keep pace with cybercriminals.