Cognitions of a Cybercriminal

Evolution in Cybercrime Behaviors

Attackers are getting better at moving around inside systems without being detected. According to the latest Verizon Data Breach Investigations Report (DBIR), 68% of attacks go undetected for months or more. Elite cybercriminals know how to subvert traditional cybersecurity techniques because of the industry’s historical overreliance on legacy antivirus (AV) and Indicators of Compromise (IOCs).

To remain undetected by legacy antivirus, cybercriminals are increasingly using fileless and living-off-the-land attacks, versus commodity malware. According to the DBIR, only 28% of attacks use malware (down from 51% in 2017). This is congruent to Carbon Black’s own research, as well as research from some of Carbon Black’s partners, like Red Canary, which found PowerShell-based attacks to be the most prevalent in its 2019 Threat Detection Report.

Attack evolution does not stop there, though. Today, 70% of all attacks now involve attempts at lateral movement and 51% leverage island hopping, according to Carbon Black’s 2019 Global Threat Report.

This means that security teams need to be evaluating the security posture of all organizations in their information supply chain—traditional security tools can’t be relied on. Cybersecurity needs to use predictive behavior analysis to achieve true visibility.
Download the whitepaper here

You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments