‘Privateer’ Threat Actors Emerge from Cybercrime Swamp

2021-05-26 12:01

While privateer cybercriminal groups are not specifically state-sponsored, they may carry out activities of the protecting state anyway due to pressure to engage in specific actions or target specific entities, according to the post.

Privateers fall in the third tier of cybercrime groups below those specifically sponsored by governments at the top, commonly known as APTs and which receive explicit direction and financial support by a nation-state.

At the third tier are the privateers, with one notorious example being the Russia-based DarkSide ransomware group, perhaps best known for its recent attack on the Colonial Pipeline in the United States, which severely disrupted oil and gas supplies in the East and netted the group a $5 million payout.

Another privateer is the ransomware group Lockbit, whose operator told Cisco Talos researchers that the group would not target Russia or any countries allied with Russia, affording them some protection from Putin's government.

"These privateer groups are becoming increasingly prevalent and will likely significantly change the threat landscape in the years to come," researchers wrote.

Lastly, privateer activities have the "Potential for social disturbance," which was clearly evidenced in DarkSide's Colonial Pipeline attack.

News URL

https://threatpost.com/privateer-threat-actors-emerge/166483/

#cybercrime #threat