Consultants key to countering pentester surge in malware design
Cybercriminals are turning to freelance pentesters to improve the effectiveness of their ransomware attacks and to find new avenues for intrusion. As firms struggle to respond quickly enough, AJ Thompson, CCO at IT consultancy Northdoor, explains how the experience and expertise of third-party IT consultancies can help advise on the most appropriate cyber defences and then implement and manage them.
“Companies are more reliant than ever on technology for their day-to-day operations. As a result, there are more points of access for cybercriminals to take advantage of and if compromised it can have a devastating impact on the ability to continue operating,” Thompson explains.
But this comes at a time when firms are facing major financial headwinds. It would be tempting to assume that, because their defence systems were previously validated, they must be fine now, but “quite simply, they cannot afford to downgrade their cybersecurity efforts.” As the money may not be there to assess systems in-house, in many cases this is leading companies to tap freelance “white hat” hackers to test their capabilities.
But with the global penetration testing market valued at $2.20 billion in 2023 and projected to reach $6.35 billion by 2032, otherwise legitimate freelance penetration testers could be recruited into red hat activity should ransomware gangs offer a better price.
Thompson argues, “Organisations turn to freelance white hat hackers to expose their network vulnerabilities and to help ensure they can improve their security posture. The fact that many of these freelance white hat hackers could be tempted to turn red for the right price is incredibly concerning. Potentially this could result in attack techniques becoming harder to detect and the creation of a worst-case scenario in which new ransomware is deployed before cybersecurity experts get the chance to analyse and mitigate it.”
According to Thompson, malware writers are already scouring the dark web looking to recruit knowledgeable freelance pentesters to test their malware payloads on multiple virtual systems for effectiveness. Red hat hackers are then able to advise malware operators on possible weak points they can use to break into networks and ultimately compromise data for ransomware extortion.
This business model has been so effective that malware is now being offered as part of an affiliate program. Each affiliate is responsible for installing and carrying out attacks themselves, while the ransomware group takes a percentage of the payout.
Turning to third-party IT consultancies that have the experience and expertise to advise on the most appropriate cyber defences could be a vital defence against this, Thompson suggests. This could allow smaller IT in-house teams to focus on other, critical business functions, whilst having peace of mind that the security is in the hands of a proactive and expert team.
“Third-party IT consultants can provide a 360-degree, 24/7 overview of an organisation, giving a comprehensive view of where vulnerabilities lie. This allows organisations to have urgent conversations with partners and suppliers to close the vulnerabilities before they are exploited by cybercriminals. Effective prevention, detection and response technologies implemented by third-party IT consultants will enable organisations to proactively defend against an attack,” concluded Thompson.