Market Overview

Accenture Mid-Year Threatscape Report Identifies Five Global Cybersecurity Threats


Organizations and critical infrastructure will likely experience a
greater number of, and more-destructive cyberattacks, including physical
damage perpetrated by highly funded rogue nation states and
cybercriminals looking to disrupt business operations, make money or spy
on targets, according to a new report from Accenture (NYSE:ACN).

This press release features multimedia. View the full release here:

(Photo: Business Wire)

(Photo: Business Wire)

Specifically, the report predicts an escalation of Iran-based
cyber-threat activity; a broadening attack of global supply chains;
increased targeting of critical infrastructure; as well as new and
growing avenues of financially motivated cybercrime.

The Cyber
Threatscape Report 2018
examines trends in cyber threats observed
and analyzed during the first half of the year and explores how cyber
incidents might evolve over the next six months. The report is based on
intelligence collection and analysis from Accenture Security's iDefense
threat intelligence operations, including research using primary and
secondary open-source materials. It notes the increased prevalence of
destructive attacks; the aggressive use of information operations by
nation-states; the growth in the numbers and diversity of threat actors;
as well as the greater availability of exploits, tools, encryption and
anonymous payment systems available to malicious actors.

"Our threat intelligence teams have spent the last 20 years keeping
close track of threat actors and cyber crooks and the creative ways they
might try to break into networks," said Josh Ray, managing director at
Accenture Security. "To protect against these emerging threats and
respond if they should fall victim to an attack, organizations must be
proactive in thinking about business risk on a day-to-day basis.
Learning from previous incidents and understanding what is coming next
based on timely and actionable threat intelligence is key to keeping
data and systems safe."

The report outlines five key threats:

  • Threat #1: The Iranian cyber threat is real
    Although Iran
    is generally perceived as an emerging cyber power, new evidence shows
    Iran-based threat actors and state-sponsored groups are expanding
    their malicious activities and capabilities. Accenture's threat
    intelligence analysts have observed that the PIPEFISH cyber-espionage
    threat group continues to be highly active and is advancing its
    toolset. This threat group has been primarily targeting Middle Eastern
    organizations in the energy sector across countries such as Saudi
    Arabia, Qatar and United Arab Emirates for surveillance and espionage
    objectives. Newly uncovered malware from PIPEFISH has the ability to
    execute remote commands and to upload and download files from the
    victim's system. Additionally, analysis has identified the emergence
    of Iran-based ransomware, indicating that Iranian cybercrime actors
    are likely to target global organizations by using ransomware as well
    as cryptocurrency miners for financial gain.
  • Threat #2: Nation-states look to exploit third- and fourth-party

    Cybercriminal, espionage and hacktivist groups
    will continue to target supply chains, and the strategic business
    partners that contribute to them, for monetary, strategic and
    political gain. For instance, Accenture's threat intelligence analysts
    believe that a China-based group of hackers known as PIGFISH is
    targeting organizations in multiple industries to fulfil collection
    requirements for various espionage missions and simultaneously gain
    access to additional supply-chain attack capabilities and resources.
    As cyber adversaries continue to use trusted third parties as vectors
    of intrusion, attribution and intent will become more challenging.
  • Threat #3: Critical infrastructure is a tempting high-value target
    for threat actors

    The oil and natural gas industry will
    continue to be an attractive target for threat actors for the
    remainder of 2018. On the international front, Russian state actors
    could sponsor disruptive or espionage-related cyber operations or
    support hacktivists in the name of protecting the environment to
    contain new competition to its largest energy market. Another key
    factor is rising oil prices, which could create incentives for threat
    actors in North Korea to launch ransomware attacks and other
    financially motivated cyber threat activities, such as cryptojacking,
    in order to circumvent sanctions and raise money.
  • Threat #4: Radical shift in alternative cryptocurrency mining

    The use of miner malware has been one of the largest
    growth areas in cybercrime this year, and its growth will likely
    continue into 2019. Recent observation of criminal underground
    activity has revealed a plethora of advertisements by malware authors
    and resellers for Monero miner malware. The variety of malware
    available ranges from generic and cheap entry-level malware to vast
    botnets of compromised devices infected with custom malware.
  • Threat #5: Advanced persistent threat (APT) operations becoming
    more financially motivated

    While many APT-style cyberattacks
    are carried out for the purpose of espionage, financially motivated
    cybercriminals have been stepping up their game since as early as
    2013. These prolonged, multi-stage cyberattacks are increasingly being
    carried out by cyber criminals who are expanding their capabilities to
    include traditional cyber espionage tools, techniques and procedures
    as well as the use of new malicious tools to attain financial rewards.
    The level of activities from financially motivated targeted attack
    threat groups like Cobalt Group and FIN7 will remain significant but
    lower in volume in 2018 than in 2017.

About Accenture

Accenture is a leading global professional services company, providing a
broad range of services and solutions in strategy, consulting, digital,
technology and operations. Combining unmatched experience and
specialized skills across more than 40 industries and all business
functions – underpinned by the world's largest delivery network –
Accenture works at the intersection of business and technology to help
clients improve their performance and create sustainable value for their
stakeholders. With 449,000 people serving clients in more than 120
countries, Accenture drives innovation to improve the way the world
works and lives. Visit us at

Accenture Security helps organizations build resilience from the inside
out, so they can confidently focus on innovation and growth. Leveraging
its global network of cybersecurity labs, deep industry understanding
across client value chains and services that span the security
lifecycle, Accenture helps organizations protect their valuable assets,
end-to-end. With services that include strategy and risk management,
cyber defense, digital identity, application security and managed
security, Accenture enables businesses around the world to defend
against known sophisticated threats, and the unknown. Follow us
@AccentureSecure on Twitter or visit us at

Copyright © 2018 Accenture. All rights reserved. Accenture, its logo,
and High Performance Delivered are trademarks of Accenture.

View Comments and Join the Discussion!