Geopolitical Tensions Fuel Worsening Cyberattack Scenario
An extensive industry study[pdf] carried out by VMware Carbon Black indicates that nearly half (47%) of all cyberattacks that took place this year originated in either China or Russia. While attribution in the cyber domain is notoriously difficult, the company says the data is likely to be “quite accurate” because it is based on the findings of incident responders who “are suggesting Russian and Chinese sources from the nature of the forensic footprints and the secondary C2 locations, not just the primary C2 locations, they discover.” A lot of this malicious activity is believed to be the result of geopolitical tensions across the globe.
The report also highlights two developments that are shaping the current landscape. One is the rise in destructive malware used by threat actors to damage a targeted environment once the attackers are detected on the network. Another major trend is the increasing popularity of island hopping via email servers, which can enable hackers to attack the customers of organizations they have compromised.