- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Domain of Application >
- Trend snippet: Cyber-espionage threat actors adjust their tactics, techniques and procedures to embrace new technologies
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
Cyber-espionage threat actors adjust their tactics, techniques and procedures to embrace new technologies
The ever-evolving threat landscape
To stay ahead of cyberdefenders and incident responders, Cyber Espionage threat actors adjust their tactics, techniques, and procedures (TTPs) to embrace new technology, while keeping their tried-and-true TTPs operational. Here we map those TTPs to the VERIS Action varieties to give you an idea of what is in and what is out.
For example, Phishing (Social) and Backdoor (Malware) have served as go-to Action varieties. Downloader (Malware), Capture stored data (Malware) and Spyware/Keylogger (Malware) have all steadily declined from the 2014 DBIR to the 2020 DBIR, with Scan network (Malware) completely falling off the top 10 list by the time we get to the 2020 DBIR.
Password dumper (Malware), Trojan (Malware) and Remote Access Trojan (RAT) (Malware) are new to the 2020 DBIR top 10 list. And, while we see that since the 2014 DBIR, Backdoor (Malware), Use of backdoor or C2 (Malware) and C2 (Malware) have declined percentagewise over the years, these Action varieties consistently remain within the top five Action varieties for the entire timeframe.