It used to be so simple. Attack campaigns were relatively simple to determine, for example when we detailed the recent Shamoon campaign it was clear that this was intended to disrupt the victim. In this case the target was clearly Saudi Arabia, and the use of a wiper component indicated the objective of the perpetrators of the attack.
Equally the use of ransomware was just as clear, its use was intended to get paid. What we witnessed were these campaigns had been engineered to allow others without the necessary technical expertise to also engage in similar activities. With the availability of various dashboards that assist those to manage and track the number of infected systems.
Leave a reply