热门搜索：

Cybercrime Analytics

2023-11-29-SpyCloudZ***

AI智能总结

The new reality of cybercrime is disrupting traditional threat intelligence and anti-fraud technologies. Despite increased budgets and widespread use of security monitoring tools, EDR, phishing detection, and anti-fraud signals, 90% of organizations were affected by ransomware last year. Cybercrime Analytics is a new approach that dynamically surfaces insights from the criminal underground with speed and actionability at the forefront. It is additive to anti-fraud technologies and provides detailed use cases and benefits. The optimal way to bridge the gap between cybercrime and cybersecurity is accessing the same information that criminals have, distilled into only the most actionable data for your specific enterprise.

CYBERCRIMEANALYTICS TheNewWayToDisruptCybercrime CYBERCRIMEANALYTICS1 ADAPTINGTOTHENEWREALITYOFCYBERCRIME henitcomestoconfrontingthenewrealityofcybercrime,theoptimalwaytobridgethegapbetween cybercrimeandcybersecurityisaccessingthesame informationthatcriminalshave–distilledintoonlythemostactionabledataforyour speciﬁcenterprise. ACTINGSWIFTLYONWHATCRIMINALSKNOWABOUTYOURBUSINESSANDYOURCUSTOMERSISNOWTHEONLYWAYTOBEATCRIMINALSATTHEIROWNGAME. Despiteincreasingbudgetsforcybersecurityandfraudpreventionandthewidespreaduseofthreatintelplatforms,securitymonitoringtools,EDR,phishingdetection,andanti-fraudsignals,90%oforganizationswereaffectedbyransomwarelastyear. Criminalsspreadmalwarelikewildﬁre,identityfraudcontinuesitsupwardtrajectory,anddatabreachesremainatnear-recordlevels–andthat’sjustwhatwecantrack.Manysecurityandfraudprofessionalsbelievethescaleofcybercrimeismuchmorethanwhat’saccountedforinourmodelstoday,andhasthepotentialtodestabilizemarketsandevensocietyasawhole. Theextremegrowthincybercrimerequiresanewapproach.It’snolongerenoughtogatherintelligencetounderstandabroadthreatlandscape.Withoutrelevant,actionableanswersaboutwhatdatacriminalsareusingnowtotargetabusinessanditscustomers,securityandanti-fraudteamsareflyingblind. Enterprisesmustchooseapartnerthatcandynamicallyandcontinuallysurfacetheseinsightsfromthecriminalundergroundwithspeedandactionabilityattheforefront.TheonlyanswerisapartnerofferingCybercrimeAnalytics. ThispaperdeﬁnesCybercrimeAnalyticsandwhythisapproachisdisplacingtraditionalthreatintelligence,howitisadditivetoanti-fraudtechnologies,anditsusecasesandbeneﬁtsindetail. CYBERCRIMEANALYTICS2 CybercrimeAnalytics WHATISCYBERCRIMEANALYTICS? >>> AutomatedAnalytics thatDriveActionfromCybercrimeData It’sthemostadvantageousapproachtodisruptingthecycleofcybercrimebecauseitenablesfaster,moreconﬁdentactionbasedondeepknowledgeaboutuserexposureinthecriminalunderground.Itrequiresconstantaggregationandlinkageofbillionsofdatapointsaffectingmillionsofonlinepersonas,resultingindistilledinsightsthatcanbeeasilyconsumedincommonsecurityandanti-fraudtoolstodriveremediation. CybercrimeAnalyticscanonlybeaccomplishedwithascalableenginethatcollects,processes,enriches,andanalyzestheoutputsofcybercrime.Those‘outputs’arethestolenassetsfromthird-partydatabreaches,malwarevictimlogs,andothersourcesthataretradedandsoldonthedarknet–datarangingfromusernames,passwords,andsessioncookiestosensitivePIIlikeIPaddresses,physicaladdresses,ﬁnancialinformation,passportdata,driverslicenses,andsocialsecurityornationalIDnumbers.Comprisingmorethan200datatypes,it’severythingthatmakesupaperson’sdigitalidentitythathasbeenleakedinabreachorexﬁltratedfromaninfostealer-infecteddevice.Thescaleismassive,andasaresult,linkageisrequiredtomakesenseofit,andtomakeitusefulfortheteamswhoneedit. CLEAR ACTIVEWEBSESSIONS APPROVE TRANSACTIONS RE-SECUREVULNERABLE ACCOUNTS FLAG POTENTIALSYNTHETICIDENTITIES Butthedataisn’tpackagedinawaythat’simmediatelyusefultoanyone–notevencriminals.Onedatabreachcouldbe100,000ﬁles.It’sspreadacrossraw,unstructuredformatsthatrequireprocessingandtimetomakeituseful,sospeedisanessentialpartoftheequation.It’saracetoseewhocanactonthedataﬁrst:enterprisesorattackers. SpyCloudputsahugeemphasisonspeedwhenitcomestorecapturingthesecybercrimeelementsfromthedeepestlayersofthedarknet(asclosetowheretheoriginalcrimeoccurred)–aswellasaddingvalueateverystage.Theresultinginsightsarerelevant,correlated,andmachine-readable–tyingdisparatebreaches,malwareinfections,affectedapplications,andidentitydatatogetherforindividualsacrosstheirentireonlineidentity. CYBERCRIMEANALYTICS3 WHAT DO CYBERCRIMEANALYTICS REVEAL ANDWHAT CANBEMADEASARESULT? 4 CYBERCRIMEANALYTICS MALWAREDETECTED CREDENTIALSANDSESSIONCOOKIESEXPOSED 3UNIQUEEMAILADDRESSES @ PLAINTEXTPASSWORDS EXPOSED 50%PASSWORDREUSE LASTEXPOSED24DAYSAGO FINANCIALDATAEXPOSED LEAKEDIN1BREACH MEETJON Here’shishighriskprofileaccordingtoSpyCloud’sCybercrimeAnalytics. ACROSS8BREACHESAND1MALWAREINFECTION,WE’VELINKEDJON’SEXPOSEDDATATODETERMINE: Hehas3uniqueemailaddresses. Hisplaintextpasswordshavebeenexposed(andincludedin2combolists,whichputhisaccountsatriskofcredentialstufﬁng). Hereusesthesamepasswordacrossmultipleaccounts,workandpersonal(50%reuse). Heusedamalware-infectedpersonal/unmanageddevice1monthagotologintocriticalworkforceapplicationsincludingacoderepository,chat,andprojectmanagementsoftware–exposingbothcredentialsandsessioncookiesfortheseservices. HissensitivePII,includinghiscreditcardnumber,wasleakedin1breach.Thelasttimeweingestedhisidentitydatawas24daysago. CYBERCRIMEANALYTICS5 TAKINGACTIONONCYBERCRIMEANALYTICS ArmedwiththesameinsightsaboutJon’sexposure,securityoperationsandfraudpreventionteamscanenhancetheirdecisioninginthefollowingways: THESECOPSTEAMATJON’SEMPLOYER ConsiderJonanunwittinginsiderthreat,exposingthebusinesstoriskofaccounttakeoverorworse–ransomware. ReachouttocoordinatePost-InfectionRemediationofJon’smalware-infectedpersonaldevice,recommendingananti-virussolution,thenresettin

点击免费查看完整报告

你可能感兴趣

Cybercrime Analytics

你可能感兴趣

Uncovering IoT Threats in the Cybercrime Underground

Cost of Cybercrime Study | 9th Annual

The Middle Eastern and North African Underground: Where Culture and Cybercrime Meet

Cybercrime and the Deep Web

Cybercrime Prevention Principles for Internet Service Providers