Cyberattacks aren’t what they used to be. Instead of one group planning and carrying out an entire attack, today’s hackers are breaking the process into parts and handing each step to different teams. This method, often seen in cybercrime now, is making it more difficult for security experts to understand and stop attacks.
In the past, cybersecurity analysts looked at threats by studying them as single operations done by one group with one goal. But that method is no longer enough. These days, many attackers specialize in just one part of an attack—like finding a way into a system, creating malware, or demanding money—and then pass on the next stage to someone else.
To better handle this shift, researchers from Cisco Talos, a cybersecurity team, have proposed updating an older method called the Diamond Model. This model originally focused on four parts of a cyberattack: the attacker, the target, the tools used, and the systems involved. The new idea is to add a fifth layer that shows how different hacker groups are connected and work together, even if they don’t share the same goals.
By tracking relationships between groups, security teams can better understand who is doing what, avoid mistakes when identifying attackers, and spot patterns across different incidents. This helps them respond more accurately and efficiently.
The idea of cybercriminals selling services isn’t new. For years, online forums have allowed criminals to buy and sell services—like renting out
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.