Hewlett Packard Enterprise (HPE) recently released a revealing study.
“The Business of Hacking”, an extensive report detailing the underlying economy driving cybercrime, is an in-depth analysis of the motivations behind the attacks criminals choose to pursue, and the ‘value chain’ illegal organisations have established to expand their reach and maximise profits.
HPE found that the profile of typical cyber attackers - and the interconnected nature of their underground economy - have evolved dramatically in the last several years. Adversaries are increasingly leveraging sophisticated management principles in the creation and expansion of their operations to ultimately increase their impact and financial profits, which are both core motivations for nearly all attack groups today.
“Organisations that think of cybersecurity as purely another checkbox to mark often do not leverage the value in high fidelity cybersecurity intelligence,” says Shane Bellos, general manager, Enterprise Security Products, Software, HPE South Pacific. “This report gives us a unique perspective on how our adversaries operate and how we can disrupt them at each step of their criminal value chain.”
Today’s adversaries often create a formalised operating model and ‘value chain’ that is very similar to legitimate businesses in structure, and delivers greater ROI for the cybercriminal organisation throughout the attack lifecycle. If enterprise-level security leaders, regulators and law enforcement are to disrupt the attackers’ organisation, they must first understand every step in the value chain of this underground economy.
HPE affirms that some of the critical elements of the typical attacker’s value chain model include:
“Cybercriminals are highly professional, have robust funding, and are working together to launch concentrated attacks,” says Chris Christiansen, Program Vice President, Security Products and Services, IDC. “The HPE Business of Hacking report offers key insight for legitimate organisations to better disrupt adversaries and mitigate risks by understanding how they are operating and maximising profits.”
HPE recommends a number of approaches for enterprise security professionals to better defend against these organised attackers: