Know Your Enemy: Gathering Intel on the Ransomware-as-a-Service Business Model – CFH #8
In late January, law enforcement officials disrupted the operations of the Hive cybercriminal group, which has profited from a ransomware-as-a-service (RaaS) business model. And though the takedown was an inspiring victory, there’s plenty more ransomware where that came from. Indeed, Microsoft just reported that at the conclusion of 2022 it was tracking more than 100 threat actors using over 50 different ransomware families to extort victims. Many of these criminal networks operate like professional businesses in this underground economy. Bottom line: there’s still a lot of work to be done, and it begins by collecting and communicating the right cyber threat intelligence to profile these threat actors and understand how they operate, so we can anticipate and defend against their next move. In this segment, we will discuss the responsibility of the MSSP to understand their opponents while keeping their clients abreast of the latest intelligence reports and adversary TTPs.
1. Microsoft: Over 100 threat actors deploy ransomware in attacks
2. NIST Releases Potential Updates to Its Cybersecurity Framework
3. Shady Hacking 1nstrument Makes Machine Enrollment Retreat
4. Google looking into fix for SH1MMER exploit that can unenroll Chromebooks
5. Apple Patches Exploited Zero-Day Vulnerability Targeting iPhones, iPads and Macs
6. https://www.scmagazine.com/analysis/identity-and-access/keepass-disputes-report-of-flaw-that-could-exfiltrate-a-database