Scribd
Upload
30 views1 page

Falcon Threat Intelligence Recon Infographic

The document discusses the rise of ransomware campaigns targeting high-value entities within the cybercriminal ecosystem, highlighting the advanced tools and services that facilitate cybercrime. It outlines the methods of distribution and monetization used by criminals, such as access brokers and data extortion. Additionally, it introduces CrowdStrike's Falcon Intelligence Recon, a service designed to monitor and protect against digital risks by tracking malicious activities across various web platforms.

Uploaded by

montu_shah404
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
30 views1 page

Falcon Threat Intelligence Recon Infographic

The document discusses the rise of ransomware campaigns targeting high-value entities within the cybercriminal ecosystem, highlighting the advanced tools and services that facilitate cybercrime. It outlines the methods of distribution and monetization used by criminals, such as access brokers and data extortion. Additionally, it introduces CrowdStrike's Falcon Intelligence Recon, a service designed to monitor and protect against digital risks by tracking malicious activities across various web platforms.

Uploaded by

montu_shah404
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Exposing

the
Criminal
Underground
DISTRIBUTION

2 N

1 3
TI O
SE

IZ A
RV
I CE

ET
ON
S

The allure of big game hunting —


ransomware campaigns aimed at high-
value targets — has dominated the
cybercriminal ecosystem, spurring the
market with advancements in:

Services:
Advanced tools and a network of affiliates help enable
cybercrime and drive the underground economy.

ACCESS HARDWARE ANONYMITY AND PHISHING KITS


BROKERS FOR SALE ENCRYPTION

RANSOMWARE CRIME-AS- CREDIT/DEBIT CARD LOADERS


A-SERVICE TESTING SERVICES

COUNTER ANTIVIRUS MALWARE HOSTING AND RECRUITING FOR


SERVICE/CHECKERS PACKING SERVICES INFRASTRUCTURE CRIMINAL GROUPS

WEBINJECT KITS DDOS ATTACK


TOOLS

Distribution:
Although methods largely remain the same,
criminal actors are finding novel ways to
bypass security measures.

SOCIAL NETWORK EXPLOIT KIT SPAM EMAIL PURCHASING


AND INSTANT DEVELOPMENT DISTRIBUTION TRAFFIC AND/
MESSAGE SPAM OR TRAFFIC
DISTRIBUTION
SYSTEMS (TDS)

Monetization:
Ransom payments and data extortion are the
most popular avenues for monetization.

MONEY MULE RANSOM RESHIPPING WIRE FRAUD


AND CASHING PAYMENTS AND FRAUD NETWORKS
SERVICES EXTORTION

DUMP SHOPS CRYPTOCURRENCY COLLECTION AND MONEY


SERVICES SALE OF PAYMENT LAUNDERING
CARD INFORMATION

Cybercrime Paint by Numbers:


Easy as 1-2-3
Adversaries don’t need to be technical
experts to make fast cash — they just need
to put the pieces together.

1.

3.

2.

1. Access brokers 2. Ransomware 3. D


 ata extortion
gain backend as a service happens when
access to is a business the attacker
organizations model in which goes beyond
and sell sensitive developers lease encrypting the
credential ransomware environment
or device variants to and exfiltrating
configuration data adversaries, sensitive data.
on criminal forums enabling them to The attacker
or through private launch attacks extorts the victim
channels. more quickly, by threatening to
affordably and sell the sensitive
easily than ever data unless the
before. ransom is paid.

Falcon Intelligence Recon:


Digital Risk Protection
CrowdStrike Falcon Intelligence Recon™
exposes the criminal underground by
monitoring potentially malicious activity
across the open, deep and dark web —
enabling organizations to proactively
defend their brand, employees,
sensitive data and more.
Falcon Intelligence Recon
monitors the following:

55,000+
unique sites on the deep, dark web

8+ billion
files, posts and messages

500+ million
posts to social media

1+ million
unique data sources
Encrypted messaging apps

Adversary infrastructure

Falcon Intelligence Recon


Benefits

Deep, Dark Prioritized


Web Visibility Alerts

Real-time Integrated
Monitoring Threat
Intelligence

Identify risks to brands,


employees and critical assets

Gain visibility into restricted


forums and markets

Detect and stop data leaks and


impersonations

Accelerate incident
investigations

Get immediate time-to-value

Use
Falcon Intelligence Recon for:
Brand Protection
Monitors fraudulent interactions associated with
the customer’s brand including fake social media
sites and phishing sites

Executive Protection
Monitors threats to ensure the safety of VIPs and
executives, including the identification of fake
accounts and impersonations

Data Leak Discovery


Detects compromised credentials, sensitive
documents, IP and customer data across the
open, deep and dark web

Fraud Detection
Detects counterfeit items, fake apps and
intellectual property infringement on social media,
web marketplaces and criminal forums

Supply Chain
Monitors fraud, impersonation and fraudulent
interactions of partners in the customer’s supply
chain

Tools and Infrastructure


Identifies tools, malware and Common
Vulnerabilities and Exposures (CVEs) that are
discussed or for sale on criminal forums and
markets

Falcon Intelligence Recon+


— Managed Digital Risk
Protection
Falcon Intelligence Recon+ enables organizations
to offload the effort of managing external threats
to CrowdStrike. This increases the effectiveness of
your security team while reducing the time, skills and
effort required to battle sophisticated adversaries.

Falcon Intelligence Recon+ Benefits


Rule Creation
Assigned Analyst Onboarding & Monitoring

Take Downs Alert Context

Messaging Platform Full-Spectrum


Digital Risk
Protecion
Reporting
& Briefing

© 2021 CrowdStrike, Inc. All rights reserved.

CrowdStrike We Stop Breaches

You might also like