In a hyperconnected world, threat intelligence is key to the ability to better detect and prevent cyberattacks. Such is the purpose behind ‘The Cyberthreat Handbook,’ produced by Thales and Verint: to provide insights into the most significant community of cyberattackers, through detailed rating cards.
A year-long investigation by teams of analysts from two of the market leaders in cybersecurity technology has produced detailed profiles of about 60 major groups of cyberattackers, by studying 490 attack campaigns they have perpetrated throughout the world. Thales and Verint are now publishing their observations about the attack techniques used, the sectors most frequently targeted and the motives of the attackers, as well as offering recommendations to cybersecurity stakeholders for the future.
Powered by their cutting-edge technologies and products, the two companies are pleased to present ‘The Cyberthreat Handbook,’ a report of unprecedented scope, designed to provide a classification and basis for further investigation of major groups of cyberattackers, including cybercriminals, cyberterrorists, hacktivist groups and state-sponsored hackers. As part of the strategic partnership to create a comprehensive, state-of-the art cyber threat intelligence technologies, threat intelligence analysts from both organisations have worked together to provide this unique 360° view of the cyberthreat landscape, with detailed descriptions of the activities of about sixty particularly significant groups, including their tactics and techniques, their motives and the sectors targeted from analysis of multiple data sources, such as web and threat intelligence.
As cybersecurity grows in importance, Thales and Verint have worked together to find out more about cyberattackers and the techniques they employ, the purpose being to help organisations in the private and public sectors to better detect and anticipate future attacks. The cyberthreat landscape is extremely diversified, and knowing one's enemies can be particularly complex in this world of subterfuge and deception.
Analysts from Thales and Verint have defined four major categories of attackers, based on their motives and ultimate objectives. Out of approximately sixty major groups of attackers analysed, 49% are state-sponsored groups, often aiming to steal sensitive data from targets of geopolitical interest; 26% are ideologically motivated hacktivists, closely followed by cybercriminals (20%) who are driven by financial gain. In fourth position, cyberterrorists account for 5% of the groups analysed.
All the world's major economic, political and military powers are priority targets for cyberattackers. The 12 countries in the world with the highest GDP are all at the top of the list of targets, headed by the United States, Russia, the European Union (particularly the United Kingdom, France and Germany) and China, followed by India, South Korea and Japan. The sectors most targeted by these major attacks are states and their defence capabilities, followed by the financial sector, energy and transport. Attacks on media and the health industry are increasing fast. Last but not least, a growing number of groups of attackers are now focusing on vulnerabilities in the supply chain, and in particular on smaller partners, suppliers and service providers that are used as trojans to access major targets.
"The Thales and Verint teams are immensely proud to release this report today as part of [their] technology and domain expertise cooperation. Unique in its breadth and depth, it is the culmination of many months of research, investigation and painstaking analysis and correlation of relevant data. As cyberthreats proliferate and evolve, cybersecurity clearly has a major role to play, particularly for critical infrastructure providers. It is our duty to analyse, understand and describe the techniques employed by cyberattackers so that our customers and all other businesses and organisations are better prepared to detect and anticipate future attacks," commented Thales Executive Vice President, Secure Communications and Information Systems, Marc Darmon.
“Joining forces with Thales strengthens our mutual ability to deliver comprehensive knowledge of potential threats, and thus provide the necessary cyber security protection. Verint Cyber Intelligence leverages years of intelligence domain expertise, embedded within investigation methodologies and technologies critical to prevent cyber-attacks before they get into the gateway of the organisation. This report generates unique insights and knowledge to cyber and security experts to mitigate and foresee cyberattacks,” added the President or Verint Cyber Intelligence Solutions, Elad Sharon.