The year 2021 smashed all records in terms of the sheer number of cyberattacks on government entities, private-sector organizations, and individuals. While several new threat actors emerged on the cybersecurity threat landscape in 2021, the existing ones also adopted more advanced tactics, techniques, and procedures (TTPs) to enhance the effectiveness of their operations.
Cyber criminals are motivated by various factors, including espionage, socio-political, criminal, and personal. Cyber espionage campaigns rely on stealth and are usually conducted by sophisticated hacking groups to obtain sensitive or classified information from their targets, such as intellectual property (IP), state secrets, research data, business goals, organizational finances, political strategies, etc. In some cases, cyber espionage is carried out simply to stain the reputation of the targets by leaking dubious business practices or private information.
On the other hand, politically motivated threat actors are more likely to grab public attention via their campaigns commonly known as “hacktivism.” The perpetrators of such crusades adopt different strategies, such as defacing the websites of target companies, orchestrating denial of service (DoS) attacks, or exposing questionable information about their targets to promote their cause and beliefs. Government entities, multinational corporations, and powerful individuals have often found themselves at the crosshairs of hacktivists.
Furthermore, the criminally motivated threat actors seek financial gain via information theft, business disruption, or cryptojacking. The attackers employ a variety of attack strategies to infiltrate the target networks to perform various types of nefarious activities such as deploying ransomware or stealing sensitive data that can later be used to extort money from the victims. In some cases, the pilfered information is either leaked or sold to the highest bidder on the underground hacking forums. The adversaries also leverage cryptomining malware that hijacks the resources of infected machines to mine cryptocurrency.
Finally, personally motivated hackers usually carry a personal vendetta against individuals or organizations and try to settle scores by causing disruptions to a business or stealing valuable data or money from the targets. These attackers are usually either employees or ex-employees who have extensive knowledge about an organization’s network architecture and defenses.
In this report we provide:
- An overview of the global cyberthreat landscape.
- A detailed discussion on the geopolitical, regional, and industry threat landscape for different geographical regions.
- Insights on industry-specific cyberthreats.