Rogue nation states and cybercriminals are looking to disrupt business operations, make money, or spy on targets across organisations and critical infrastructure, according to a new report by consulting firm Accenture.
In particular, the report named five “key threats” that are influencing the cyber risk landscape:
- Iran-based threat actors who develop and use ransomware and repurpose popular malware
- Nation-state-sponsored, hacktivist-driven attacks on IIoT (industrial internet of things) systems increasing in the utilities, oil and natural gas, and manufacturing industries
- Critical infrastructure as a tempting high-value target for threat actors
- The radical shift in alternative cryptocurrency mining malware
- Advanced persistent threat (APT) operations becoming more financially motivated
“To protect against these emerging threats and respond if they should fall victim to an attack, organisations must be proactive in thinking about business risk on a day-to-day basis. Learning from previous incidents and understanding what is coming next based on timely and actionable threat intelligence is key to keeping data and systems safe,” said Josh Ray, managing director at Accenture Security.
Despite efforts to crack down on culprits and prevent attacks, the report warned that a new cybercriminal emerges after another is caught. It said organisations’ best approach is to adopt a continuous response model—always assume they’ve been breached—and use their incident response and threat hunting teams to look for the next breach.
“By better analysing data, organisations can start to anticipate risks and adopt a more proactive approach to defensive strategies through actionable threat intelligence,” the report added.