TTPwire Vol. 1 · MITRE ATT&CK · Tagged


F5 Labs

Advanced Attackers: Stealthy, Patient, Dangerous

2018-05-31

ATT&CK techniques detected

4 predictions
T1486 Data Encrypted for Impact
90%
“jam ransomware or cryptomining malware on your systems (although they may disguise their attacks as smash and grab). instead, they focus on big prizes: high value data, espionage, sabotage. these professionals are either looking for a big payoff or are hired to do a job. recen…”
T1078 Valid Accounts
88%
“attackers prefer stealth, and what could be stealthier than impersonating a legitimate user by hijacking their login credentials? the go-to method is spear phishing, often with a booby-trapped microsoft office attachment. for example, a resume with something that enables remo…”
T1589 Gather Victim Identity Information
41%
“about advanced attacks. one thing advanced attackers always do is their homework. they perform a lot of reconnaissance, both online and offline. as we’ve been saying from early on, reconnaissance is where attackers spend the most amount of time. they collect data about your emp…”
T1598 Phishing for Information
38%
“about advanced attacks. one thing advanced attackers always do is their homework. they perform a lot of reconnaissance, both online and offline. as we’ve been saying from early on, reconnaissance is where attackers spend the most amount of time. they collect data about your emp…”

Summary

Advanced attackers are considered a top threat by CISOs. Although they are rare, their stealthy determination to learn everything about a target before they strike makes them especially dangerous.