The starting price of a full set of tools for Advanced Persistent Threat (APT) attacks on financial enterprises may be as high as $55,000, while cyberespionage campaigns can start at $500,000. However, victims lose more than quadruple what criminals spend. ¹
In a new study issued by Positive Technologies today, experts analyze tools used by 29 APT groups which continue to be a threat for multiple industries across the globe, such as state agencies, credit and financial institutions and the manufacturing sector.
The report finds that spear phishing emails are an efficient way criminals get into internal networks of victim organizations; ninety percent of APT groups use this method. The full cost of tools for developing malicious attachments, without the cost of zero-day vulnerabilities exploits, is c.$2,000 (c.£1,500). The most expensive malware type on the dark web is targeted at ATMS, and costs around $5,000 (£4,000). The study also indicates that, once inside a network, one in two APT groups use legitimate administration and commercial penetration testing tools to find vulnerable systems. Commercial penetration testing tools cost anywhere from $8,000 to $40,000 (approximately £6,300 to £30,000).
Early 2019 was marked with renewed activities by a financially-motivated group, Silence. In attacks, Silence used both free software from Sysinternals Suite and some unique malicious software tools. Based on a thorough analysis of the tools offered on the dark web, Positive Technologies experts conclude that the starting price of a full set of tools for a financially motivated group like Silence can be as high as $55,000 (£43,000). And the actual financial damages of a successful attack on institutions can amount to more than quadruple that figure (roughly $288,000/£226,000).
"Tools used in APT attacks vary depending on the hackers' motives. However, our data indicates that 48 percent of currently active APT groups use pentesting tools to identify and exploit security weakness." said Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies "While a set of tools for a financially motivated group costs around a few thousand dollars, the profitable returns outweigh the costs. For the hackers themselves, the cost of buying or developing tools pays off after the first few successful attacks."
Despite APT attacks declining they still account for just under half of attacks (47 per cent). More than half of attacks (54 percent) are to steal information from personal correspondence to commercial secrets whilst 30% of attacks were made for financial gains.
Note: The costs highlighted in the report are estimates. The actual cost of АРТ attacks vary, and can be greater.