Group-IB talks about threat hunting, cybercrime trends and forecasts at CyberСrimeCon 2019
When talking about cyber-threats, the first consideration one should take is that as the world is becoming data-driven and technology-based, cyber-threats are also becoming increasingly sophisticated. In one of his recent statements, Group-IB CEO and founder Ilya Sachkov said “identifying threat actors and their motivations behind a cyber attack may help law enforcers know who they are up against, but doing so publicly could backfire.”
Cyber villains are using smarter and smarter tricks to bypass security efforts and throw researchers off track. One notable example is the infamous North Korean Lazarus gang, who tried to mask their activity by pretending to be Russian-speaking hackers.
Another problem is the existing knowledge gap. Group-IB, headquartered in Singapore, believes that without a clear understanding of relevant threats, adversaries’ tactics, techniques and procedures (TTPs) local companies and organizations cannot build effective cyberdefense. “Companies spend money, but they do not understand the real thing — what threats are targeting their specific company or industry in a given region,” said Ilya Sachkov, CEO and founder at Group-IB.
“Cybercrime has no borders. Cybersecurity must not have them either. This can only be guaranteed and maintained through close cross-sector collaboration and data exchange,” said Sachkov.
These are only some of the many considerations that cybersecurity professionals need to take before navigating the sensitive, and often complex nature of cyber-threats. Group-IB’s CyberCrimeCon 2019, which was held in Singapore this year, attempted to provide a platform for local cybersecurity community to bridge this gap.
Group-IB’s CyberCrimeCon 2019
The CyberCrimeCon event has two components. In the first technology stream, experts share information on cyberthreats, trends and strategies while during the strategic stream, experts offered real-life high-profile cases of cyberthreats and how they cope.
To raise awareness on cyberthreats, Group-IB released its trademark annual “Hi-Tech Crime Trends 2019/2020” report at the conference. Cybercrime trends identified from second half of 2018 to first half of 2019, industries that will become major targets of advanced threat actors, new APTs discovered over the given period and forecasts on their development in the near future were revealed.
The report also described attacks in major sectors like the energy and financial sectors. For the telecommunications industry, Group-IB described nine groups (APT10, APT33, MuddyWater, HEXANE, Thrip, Chafer, Winnti, Regin, and Lazarus) that posed a major threat and has become a target for state-sponsored attackers. This can result in customers’ surveillance or sabotage purposes.
According to the report, the number and complexity of state-sponsored hackers’ attacks have increased with at least 38 active state-sponsored APTs having been reported in the world. These threat actors’ motivation goes beyond financial gratification. Their aim is for espionage, sabotage, and destruction and their main targets are facilities essential to keep a country running.
This year’s CyberCrimeCon was also the first of its kind to open its doors to the general public. The public needs to know “it is not possible to be 100 percent protected. But it is important to move toward achieving this goal and take some simple measures that once adopted will significantly upgrade your personal security, for example, use different passwords for different social media accounts. It is also important to always keep in mind that once you released something on the Internet it is to stay there forever,” warned Sachkov.
Group-IB hopes not only to raise awareness in the region, but to actively encourage cybersecurity practices among young professional.
No sooner said than done. At the Conference, a Memorandum of Understanding was signed by the Group-IB and Singapore’s Institute of Technical Education (ITE). A key element of the agreement is to set up a first of its kind Threat Hunting, Digital Forensic, and Cyber Investigations Centre in ITE . The agreement aims to bring up a new generation of cybersecurity professionals in Singapore by synergizing Group-IB’s hands-on experience in fighting cybercrime globally and ITE’s unique technical education capabilities with one goal – to improve cyber resiliency of the city-state
Group-IB will set up the infrastructure for the centre so that students get real-life and hands-on experience, identifying and proactively hunting for threats relevant to the region and dealing with the ones targeting especially OT related systems.
The company will also equip the Centre with its Threat Hunting and Intelligence solutions for adversary research, malware analysis, monitoring of underground activity, and network protection. Introduction of new courses, training, and internship for ITE students at Group-IB’s offices in multiple locations to help Singapore nurture a new generation of cybersecurity professionals will also be carried out.
“Cyber threats to OT systems and the financial sector are some of the most pressing issues of today in Singapore. Raising a new generation of threat hunters now, equipped with tactical and strategic knowledge about threat actors, is the backbone of the future stability of Singapore,” said Ilya Sachkov, CEO and founder at Group-IB.
Sachkov explained, “this is an ambitious goal that we believe can be achieved by leveraging Group-IB’s experience in fighting cybercrime and ITE’s innovative approach to technical education.”
Group-IB also signed a MOU with Ngee Ann Polytechnic to increase Singapore’s cybersecurity talent pool. They will jointly develop cybersecurity curriculum, research and provide internships. NP has introduced Group-IB’s Threat Detection System Huntbox module in the Cybersecurity & Digital Forensics course to equip students with threat hunting skills and others.
Group-IB experts have trained law enforcement agencies, corporate security teams, and universities in Singapore, Bahrain, Germany, Lebanon, Monaco, the Netherlands, Switzerland, Thailand, and the United Kingdom, as well as experts within INTERPOL and Europol.
The post On threat hunting and cybercrime: How Group-IB is helping the region in cybercrime prevention appeared first on e27.