Fortinet – The War on Cybercrime

Cyberattacks have grown in recent years to become truly devastating and destructive, with single incidents often having the potential to disrupt thousands of organizations at once. Attacks have crippled the supply chains of many organizations, impacted our daily lives and productivity, and have hurt commerce more than ever before. These attacks are only growing more frequent and effective, and with many of us now working and learning remotely, each and every one of us is now a potential target for attack.

Cybercrime and Ransomware is Big Business

You might be surprised to learn that cybercrime has become big business, complete with call centers, tech support, and affiliates who help move and launder money. Ransomware-as-a-Service (RaaS), for example, is a subscription-based model that allows partners to use ransomware tools that have already been developed by someone else to execute attacks. This booming cybercrime eco system has grown into its own supply chain that generates more than a trillion dollars of revenue every year leading to an increase in cyberattacks that affect thousands of organizations in a single incident. The worst part? These attacks will only get worse as this supply chain continues to grow. With greater funding these bad actors will adopt new elements and service models to keep changing their tactics and upping the game.

How does the Cybercrime Supply Chain Work?

In the cybercrime supply chain, the suppliers create and produce things like malware and zero-code exploits that they use to license, sell and share with distributors and affiliates, who then sell their solutions to clients who target those solutions at victims. In other words, the cybercrime supply chain is used to better infiltrate their victim’s supply chains.

Disrupting Their Supply Chain

The best way to disrupt the cybercrime supply chain is to study attacker behaviour in order to understand their techniques and what they are thinking. Heat maps allow us to uncover what has been implemented in the past, which allows us to create roadmaps that lead us in the right direction. We use real time data and high resolution intelligence against the attackers by disrupting their supply chain, making it more expensive for them to operate and thereby forcing them to shift tactics.

Educate Yourself and Take Action Against Cybercrime and Ransomware

The best way to protect yourself against cybercrime is to first educate yourself on best-practice cyber hygiene techniques. Employees are often the first line of defense against malware attacks, and so it is crucial that they are able to recognize attacks and intrusions as they occur. Proper security awareness training in this regard is the best way to ensure that your employees are adequately prepared against the ever changing threat landscape.

On a more general level, it is important that we employ the latest techniques and tools to stay one step ahead of the bad guys. Reacting to a security breach is one thing, but stopping it before it can do any damage is another, and so it will be crucial that we embrace automated threat detection and AI as these will allow us to address attacks in real time and mitigate attacks at speed and scale across individual endpoints. Additionally, Zero Trust approaches also need to be implemented to enable secure access for remote work and learning.

It’s safe to say that cybercrime isn’t going away anytime soon, but as cybercriminals become more sophisticated and creative, so should we. The collaboration and sharing of threat intelligence among enterprises, law enforcement and government entities will help shine a light on criminals. We are beginning to see some promising results – Some affiliates are abandoning their criminal organizations because they have become targets of law enforcement. We are a critical inflection point when it comes to combatting cybercrime, and it is crucial that we all do our part to do so.