MOSCOW – The latest innovations in cybercrime have shifted from financially motivated actors to state-backed hackers focused on sabotage and intelligence gathering, a Russian cybersecurity firm said Tuesday.
“The focus of innovations and research on the creation of complex malware, as well as organization of multi-layered targeted attacks, has now shifted … to state-sponsored threat actors,” said Group-IB, a firm that works with Interpol and several other global institutions.
In its 2018 cybercrime trends report, the group said the top three countries in which state-backed entities operate were China, North Korea and Iran.
It named Russia, the U.S. and Ukraine among other countries involved, and listed 40 active groups.
The groups concentrated on “sabotage and espionage,” particularly in the sectors of power, nuclear, water, aviation, and commerce, it added.
Most attacks carried out in the second half of 2017 and first half of 2018 targeted the Asia-Pacific region, it said.
“Banks are considered critical infrastructure, they are the targets for state-sponsored hacker groups,” Group-IB chief Ilia Sachkov said at a conference in Moscow.
“One successful attack is capable of destroying one financial organization and even the collapse of a state financial system,” he said.
The report comes just days after several Western governments accused Moscow’s military intelligence of a hacking conspiracy that targeted the world’s chemical weapons watchdog and several other Western institutions.