The most powerful hacking tools are no longer in the hands of governments alone
Hackers now have the money to spend on zero-days
Historically, zero-day exploits have been available to state-sponsored actors only, due to the high cost of development or purchase. However, new analysis shows that unaffiliated threat actors are increasingly getting their hands on these powerful hacking tools.
According to a report from MIT Technology Review, based on a Mandiant study, many modern cybercriminals are wealthy enough to fund the development of zero-day exploits, which can be used to launch devastating and highly lucrative attacks.
The report credits this industry shift to the rise of ransomware attacks, which have proven an effective method of extorting businesses for cash.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.
Zero-day vulnerabilities
The term 'zero-day' describes a vulnerability that is unknown to the victim, who is therefore defenseless in the face of an attack. When leveraged, they allow threat actors to deploy malware and control devices remotely, or siphon out data and other sensitive information.
The Mandiant report shows that the proportion of zero-day vulnerabilities exploited by cybercriminals is growing. A third of all hacking groups that exploited zero-days last year were not state-sponsored threat actors, but rather financially motivated groups.
In previous years, “only a very small fraction of zero-days” were deployed by cybercriminals, the report states.
These vulnerabilities don’t come cheap, though, with zero-days for iPhone and Android selling for upwards of $1 million.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In previous years, hacking groups did not have that kind of budget. However, ransomware has made it possible for them to demand ransom payments in the millions, as was seen in cases such as Colonian Pipeline, JBS and others.
They are “picking up state-sponsored threat actors’ zero-days at a quicker pace,” said Adam Meyers, SVP Intelligence at the security firm Crowdstrike. “They quickly figure out how to use [zero-days], and then they leverage [them] for continued operations.”
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.