Historically, zero-day exploits were only accessible to state-sponsored actors, due to the high cost of development or purchase. However, new analysis shows that unaffiliated threat actors are increasingly getting their hands on these powerful hacking tools.
According to a report by MIT Technology ReviewAccording to research by Mandiant, many modern cybercriminals are wealthy enough to fund the development of zero-day exploits, which can be used to launch devastating and highly lucrative attacks.
The report attributes this shift in industry to the rise of ransomware attacks, which have proven to be an effective method of extorting money from businesses.
The term “zero-day” describes a vulnerability unknown to the victim, who is therefore defenseless against an attack. When exploited, they allow hackers to deploy malware and control devices remotely, or siphon off data and other sensitive information.
The Mandiant report shows that the proportion of zero-day vulnerabilities exploited by cybercriminals is increasing. A third of all hacking groups that exploited zero-days last year were not state-sponsored threat actors, but rather financially motivated groups.
In previous years, “only a very small fraction of zero-days” were deployed by cybercriminals, the report said.
However, these vulnerabilities don’t come cheap, with zero-days for iPhone and Android selling for over a million dollars.
In previous years, hacking groups didn’t have that kind of budget. However, ransomware has allowed them to demand millions in ransoms, as seen in cases such as Colonian Pipeline, JBS and others.
They “detect state-sponsored attacks on cybercriminals faster,” said Adam Meyers, SVP Intelligence at security firm Crowdstrike. “They quickly understand how to use [zero-days]then they take advantage [them] for continued operations.
Via MIT Technology Review