As of late, cyber threats have only grown in velocity and volume, with cybercriminals taking advantage of every new capability to grow and prosper. Couple that with a global pandemic and a sudden increase in remote working in the cloud, and you open the door to countless new vulnerabilities.
The opportunity of these new vulnerabilities is bringing out less experienced threat actors entering the space in hopes of easy returns, while more seasoned threat actors see an opportunity for Crime-as-a-Service (CaaS). This is where professional threat actors and criminal organizations develop advanced tools and packaged services to sell to other, usually less experienced, criminals to help them carry out complex cyber attacks.
As Crime-as-a-Service continues to grow in popularity, it’s important to know what steps organizations can take to protect themselves. As a result, my colleague Samantha Van Stokrom and I dug into the nuts and bolts to help organizations better understand the many aspects of CaaS in a recent article for Dark Reading. Specifically, we defined some of the most popular types of CaaS, which include:
- Phishing
- Exploit kits
- DDoS
- Ransomware-as-a-Service
- Research-as-a-Service
- Digital Currency
If you’d like to learn more about these specific types of CaaS, as well as some recommendations for protecting against CaaS that we’ve seen work for the financial sector, you can read the full article here. And, if you’d like to learn more about CaaS, connect with me on LinkedIn, and we can continue the conversation!
