突破“不良行为者”——将威胁情报转化为 RaaS 弹性.pdf

《突破“不良行为者”——将威胁情报转化为 RaaS 弹性.pdf》由会员分享，可在线阅读，更多相关《突破“不良行为者”——将威胁情报转化为 RaaS 弹性.pdf（15页珍藏版）》请在三个皮匠报告上搜索。

1、May 20251PwC Threat IntelligenceBreaking Bad Actors:Transforming Threat Intelligence into RaaS ResilienceIntroductionsTina MacaireStrategic Crime LeadPwCTina is a Senior Associate on PwCsGlobal Threat Intelligence(GTI)team,where she supports the production ofstrategic,threat,and tactical Threat Inte

2、lligenceStrategic IntelligenceIntelligence as modelOpen-Source Intelligence(OSINT)Application of analytical techniquesSohan LokulaNorth Korea-based Threats LeadPwCSohan is a Senior Associate in PwCs GlobalThreatIntelligence(GTI)team,withaprimary focus on Crime and APAC-basedthreat actors.Threat Inte

3、lligenceOpen-Source Intelligence(OSINT)Deep and Dark Web ITLP:WHITEMay 20253PwC Threat IntelligenceReal World CrimeCyber CrimeReal World Crime vs Cyber CrimeMay 20254PwC Threat Intelligence2023 vs 2024 vs 2025 ransomware leak victims4,83793total leak site victims in 2024ransomware threat actors in 2

4、0242024 Top 10 Sectors%change from 2023 to 20241.Manufacturing+39.1%2.Professional Services+18.2%3.Construction+92.3%4.Technology+30%5.Healthcare+68.7%6.Retail+66.5%7.Legal+26.5%8.Education-20.5%9.Food&Agriculture+89.0%10.Government+39%May 20255PwC Threat Intelligence01020304050600100200300400500600

5、700800JanuaryFebrauryMarchAprilMayJuneJulyAugustSeptemberOctoberNovemberDecemberVictimsNumber of active Ransomware operatorsLE reveal of LockBitSuppLE action targeting White Dev 101(ALPHV,BlackCat)and White Janus(LockBit)RansomHub first recorded leak site victims2024 Leak site victims vs active rans

6、omware operatorsMay 20256PwC Threat Intelligence22117383510455401606551958137110100100010000500+victims200-499 victims100-199 victims50-99 victims10-49 victimsFewer than 10 victims#of RaaS operators#of combined victims*This is a logarithmic graphVictim dispersion amongst ransomware operatorsMay 2025