The 471 Cyber Threat Report
The Darwinistic nature of the cyber threat landscape ensures advancements in defender capabilities will be reciprocated by the refinement of threat actor tools and tactics, techniques and procedures (TTPs). The manifestation of these advancements in the underground allows us to monitor and analyze emerging threats early in their life cycle. This year we identified a host of cyber threat trends that will likely dominate the landscape into 2023 and beyond.
Threat actors monetized criminal services to great success in 2022. Multi factor authentication (MFA) is a common security practice for many organizations, as a result threat actors rely on circumventing this layer of security and turn to one-time password (OTP) bypass services to achieve this. OTP services often offer bots that SMiSh targets into providing an attacker access to an account. This area of the underground ecosystem will likely grow as demand increases for these services in the future. Lastly, the use of information-stealers will continue into 2023; Since the beginning of 2022, there has been a substantial uptick in offering when compared to the same period of 2021.