In late January, law enforcement officials disrupted the operations of the Hive cybercriminal group, which has profited off of a ransomware-as-a-service (RaaS) business model. And though the takedown was an inspiring victory, there’s plenty more ransomware where that came from. Indeed, Microsoft just reported that at the conclusion of 2022 it was tracking more than 100 threat actors using over 50 different ransomware families to extort victims. And many of these criminal networks operate like professional businesses in this underground economy. Bottom line: there’s still a lot of work to be done, and it begins by collecting and communicating the right cyber threat intelligence to profile these threat actors and understand how they operate, so we can anticipate and defend against their next move. In this segment, we will discuss the responsibility of the MSSP to understand their opponents while keeping their clients abreast of the latest intelligence reports and adversary TTPs.

 

Show Notes: https://securityweekly.com/cfh8