Cyber Threat Weather - June 2021
Spotlight on a new state-sponsored threat scheme: "Privateers" groups.
Weak signals for Strategic CTI
- eCrime groups are generally financially motivated, act on their own behalf and often rely on open-source tools.
- Many eCrime groups no longer seem to meet these criteria.
- Talos proposes a new taxonomy via the designation of "Privateers".
- Privateer actors are sophisticated and impactful cybercriminal groups that pursue Big Game Hunting and are allegedly supported, or at least indulged, by the states that host their infrastructure.
Anticipation: The high profitability of privateers, coupled with their legal safety in their countries, can (with high confidence) lead other malicious actors to engage in this type of activity.
Analysis of RedEpsilon (aka BlackCocaine) ransomware, with a focus on the supply chain attack targeting PyPI repositories, Red Foxtrot and Cl0p.