In our hyperconnected world, threat intelligence is crucial to our ability to better detect and prevent cyberattacks. This is the purpose of The Cyberthreat Handbook produced by Thales and Verint to provide insights into the most significant groups of cyberattackers through detailed rating cards.
After a year-long investigation, teams of analysts from two of the market leaders in cybersecurity technology have produced detailed profiles of about 60 major groups of cyberattackers by studying 490 attack campaigns they have perpetrated throughout the world.
With the release of The Cyberthreat Handbook, Thales and Verint are publishing their observations about the attack techniques used, the sectors most frequently targeted and the motives of the attackers, and offering recommendations to cybersecurity stakeholders for the coming years.
As cybersecurity grows in importance, Thales and Verint have worked together to find out more about cyberattackers and the techniques they employ, the purpose being to help organisations in the private and public sectors to better detect and anticipate future attacks. The cyberthreat landscape is extremely diversified, and knowing one's enemies can be particularly complex in this world of subterfuge and deception.
Analysts from Thales and Verint have defined four major categories of attackers based on their motives and ultimate objectives. Out of approximately sixty major groups of attackers analysed, 49% are state-sponsored groups often aiming to steal sensitive data from targets of geopolitical interest. 26% are ideologically motivated hacktivists, closely followed by cybercriminals (20%) who are driven by financial gain. In fourth position, cyberterrorists account for 5% of the groups analysed.
All the world's major economic, political and military powers are priority targets of cyberattackers. The 12 countries in the world with the highest GDP are all at the top of the list of targets, headed by the United States, Russia, the European Union (particularly the United Kingdom, France and Germany) and China, followed by India, South Korea and Japan.
The sectors most targeted by these major attacks are States and their defence capabilities, followed by the financial sector, energy and transportation. Attacks towards medias and health industry are increasing fast.
Last but not least, a growing number of groups of attackers are now focusing on vulnerabilities in the supply chain, and in particular on smaller partners, suppliers and service providers that are used as trojans to access major targets.
"The Thales and Verint teams are immensely proud to release this report today as part of its technology and domain expertise cooperation. Unique in its breadth and depth, it is the culmination of many months of research, investigation and painstaking analysis and correlation of relevant data. As cyberthreats proliferate and evolve, cybersecurity clearly has a major role to play, particularly for critical infrastructure providers. It is our duty to analyse, understand and describe the techniques employed by cyberattackers so that our customers and all other businesses and organisations are better prepared to detect and anticipate future attacks."
Marc Darmon, Executive Vice President,
Secure Communications and Information Systems, Thales
“Joining forces with Thales strengthens our mutual ability to deliver comprehensive knowledge of potential threats, and thus provide the necessary cyber security protection. Verint Cyber Intelligence leverages years of intelligence domain expertise, embedded within investigation methodologies and technologies critical to prevent cyber-attacks before they get into the gateway of the organization. This report generates unique insights and knowldege to cyber and security experts to mitigate and foresee cyberattacks”
Elad Sharon, President,
Verint Cyber Intelligence Solutions
To know more, download the Cyber Threat Handbook Thales - Verint