Chapter 4. The Evolution of the Botnet
This chapter focuses on the ways in which the threat from bots and botnets has continued to evolve. Just as your security team cannot rely on technology from 5 or 10 years ago, threat actors are constantly changing their attack strategies and finding new ways to wreak havoc on unsuspecting networks. This includes changing up tactics, including incorporating ML into their own capabilities. Of course, attackers aren’t afraid to dip back into classics tricks that still work. Defenders need to be able to protect against these new attack methodologies while still ensuring that defenses against older attacks remain in place.
A Thriving Underground Market
Before getting to the actions of sophisticated threat actors, it is important to understand the evolving underground market. This begins with the increase in commoditization and specialization by threat actors, which makes it easier for less-sophisticated threat actors to “get a foot in the door” by purchasing tools or access from other actors that specialize in various areas of cybercrime. Some of these specialties include the following:
-
Launching distributed denial of service (DDoS) attacks
-
Phishing campaigns
-
Managing ransomware campaigns
-
Selling access to organizations
-
Developing malware for rent or sale
This specialization allows attackers that have a specific skill to continue to improve the capabilities of their tool or service. The revenue stream that comes from selling their ...