Sophisticated hacking tools and techniques like watering-hole attacks, once used only by nation states or proxies, now increasingly used by criminal hackers, fueling concerns that state-sponsored hackers

The report talks about the possibility of government-backed-hackers going rogue and commercialising their tools and exploits.  Considering how powerful and advanced these hacking tools and  may have gone rogue.An eye-opening report from researchers at CyberInt has revealed how existing hacker groups, who were never found to be associated with or sponsored by governments, have started using sophisticated hacking tools and techniques that were once used only by nation states.techniques are, it would be naive for one to believe that it has been developed by hackers who have traditionally used crude malware or employed “smash and grab” techniques aimed at producing quick results.

For example, “watering hole attacks” that were previously carried out by nations like China and Russia are now being launched by various hacker groups. 

These attacks involve hackers infiltrating IT systems of targeted organisations or exploiting weaknesses in the defences of third parties such as the target organisation’s suppliers, sub-contractors, partners, and clients.  At the same time, hacker groups have also been found utilising Saturn ransomware, a highly sophisticated software that can be distributed via phishing email or other malicious campaigns and used to encrypt files stored in victims’ systems. According to CyberInt, Saturn as a Ransomware-as-a-Service (RaaS) affiliate programmes are available on the Dark Web for free.

As far as defending against enhanced capabilities of hacker groups is concerned, CyberInt says that “companies in all sectors now need to strengthen their cyber-defences in ways previously only thought necessary for organisations such as government contractors.

“This means extending their security perimeters to encompass areas such as social networking and third-parties such as suppliers and clients, who may be largely unaware of the growing sophistication of the OCGs.”

The firm adds that senior executives and key staff members need to be trained to protect themselves from hackers who might use their personal details to launch an orchestrated attack on an enterprise.
Enterprises should also liaison with third-parties such as suppliers and sub-contractors to ensure that basic cyber-security protocols such as using encrypted email are followed.

Source:  Cyber Security Intelligence