A recent article on Dark Reading by CrowdStrike VP of Intelligence Adam Meyers is titled “The Big E-Crime Pivot.” It puts forth the argument that cybercriminals “have begun to recognize that enterprise ransomware offers tremendous financial advantage over the more traditional tactics of wire fraud and account takeover.”

The following are some excerpts from the article:

What is the Pivot?

“The concept of ‘the pivot’ is well-understood by entrepreneurs, who often set out to build a business or technology and realize they need to shift their strategies. Visually, one foot remains firmly in place while the other turns to reorient the rest of the body. Typically, they don’t throw everything out the window and start over. Rather, they reimagine the way they can use the tools at their disposal.

“The same can be said about today’s sophisticated e-criminals, who are increasingly pivoting and reusing their existing technology for new ways to generate revenue.”

Malware-as-a-Service

“Malware-as-a-service has been a prominent component of the e-crime ecosystem for the past decade.

“The e-criminals behind these malware platforms also built relationships with other e-criminals who specialize in spam, pay-per-install, and exploit kit development to optimize distribution.”

Big Game Hunting

“In recent months, e-criminals have begun to recognize that enterprise ransomware – what we call ‘big-game hunting’ – offers tremendous financial advantage over the more traditional e-crime tactics of wire fraud and account takeover. We touch on this trend in the ‘2019 CrowdStrike Global Threat Report.’

“The first indication of the shift to ransomware can be traced back to summer 2017, when INDRIK SPIDER, the adversary CrowdStrike associates with Dridex development, began to deploy BitPaymer in enterprisewide ransomware directed against the healthcare sector.

In March of this year, we reported on a change of tactics by PINCHY SPIDER, the actor behind the GandCrab ransomware that emerged in early 2018.”

How Do Organizations Respond?

“It is more important than ever that organizations and agencies have the right people, processes, technology, and intelligence to stay ahead of these threats.”

Additional resources

• Read the entire article on Dark Reading.
• Download the 2020 CrowdStrike Global Threat Report
• For more information on how to incorporate intelligence on dangerous threat actors into your security strategy, please visit the Falcon Threat Intelligence product page.
• Learn more about the CrowdStrike Falcon® platform by visiting the website.
• Test CrowdStrike next-gen AV for yourself. Start your free trial of Falcon Prevent™ today.