The Role of the Internet
Internet technologies provide a basis upon which to achieve huge efficiencies in communications, storage, data processing and business tractions. Given the ever-increasing use of the internet (2 billion users in 2011 with forecasts of another billion users coming online in the next four years), it is no surprise that bad actors are using this near-ubiquitous communications medium for their own ends. With almost all individuals, governments, and organizations connected to one another through the internet, geography is increasingly irrelevant. Low risk attacks can be launched from locations around the world, perhaps originating in countries or regions that do not have regulations or laws governing cybercrime, or lack the resources to effectively enforce such laws.
One observation of this trend is the trickle-down effect on attack techniques and technology. Ten years ago, attackers had to build bespoke capabilities to conduct many forms of attack. Today there are kits available in illicit online marketplaces that let prospective attackers achieve the same results with much less effort and expertise. The same trickle-down effect can be observed in the evolution of financially motivated attacks employing techniques that originated with Targeted Attacks. For example, the operational model and techniques employed in the targeting of a companyâ€™s payment system to facilitate online banking fraud can be similar to those used in espionage orientated Targeted Attacks.
Understanding this change in threat, and reflecting it in consideration of an organizationâ€™s risk profile is now essential. For example, a luxury fashion manufacturer might think that a potential attacker would spend significant resources to acquire military or state secrets, but not to target the companyâ€™s product designs. It is worth reiterating that this assumption no longer holds because cybercriminals are using the same attack knowledge and tools that were previously focused exclusively on espionage to support the traditional criminal activity of counterfeiting goods. However, in many cases, organizations are simply not prepared for this shift in the threat environment.