Flashpoint’s Hunt Team: Shedding Light on the Cutting Edge of Cybercrime
All too often, cyber-defense measures protect only against known threats. But since threat actors operating on the deep and dark web (DDW), encrypted chat services, and other covert channels are constantly developing new methods to catch their targets off guard, organizations assume considerable risk in taking a reactive stance.
For this reason, Flashpoint’s Intelligence Team has a dedicated group of analysts known as the Hunt Team that specializes in tracking down the newest threats emerging from illicit communities, enabling customers to proactively manage risk. The Hunt Team is adaptable and responsive to the varying and ever-changing needs of customers, but some of the core challenges they help defenders address include the following:
Emerging Cyber Threats
The Hunt Team constantly monitors the cyber threat landscape and conducts novel research into a wide variety of new and emerging technical threats like malware, malicious techniques, and criminal infrastructure. Analysts produce finished intelligence reports that provide customers technical and contextual details—such as infection vectors, motive, monetization methods, relation to other cyber threats, potential impact, and indicators of compromise (IOCs)—as well as recommended mitigations.
Evolving Tactics, Techniques, and Procedures (TTPs)
In addition to considering cyber threats from a technical standpoint, Hunt Team researchers understand that cybercriminals are humans too. Understanding the rationale and methodology behind their actions provides the insight needed to both develop effective countermeasures and anticipate future developments.
Our Hunt Team analysts are well aware of this. As they scour for emerging cyber threats and new collections sources, they remain cognizant of the big picture—how their observations relate to recent and historical findings—to identify bellwethers of change within the threat landscape. And on an ongoing basis, the team shares these insights in the form of finished intelligence reports spanning a broad range of topics, from changes in ransomware targeting methods to fraudsters’ adaptation to EMV implementation, thus informing customers’ long-term defense strategies.
Threat-Actor Movement
Influenced by myriad factors, including law-enforcement takedowns, sociopolitical developments, and the introduction of new security technology, the online venues through which threat actors conduct their operations are always changing. In recent years, many threat actors have moved toward decentralized channels such as encrypted chat services.
The migration of threat actors to new—and often less centralized—online spaces can throw a wrench in efforts to monitor emerging threats. For this reason, the ongoing expansion of Flashpoint’s collections across the DDW and encrypted chat services is a core element of the Hunt Team’s operations. In addition to supporting their investigations and reporting, the team’s efforts to expand Flashpoint’s collections continually enhance the breadth and depth of our alerting capabilities and API-integrated datasets.
To learn more about our Hunt Team analysts’ responsibilities, their professional backgrounds, and the customer use cases they support, contact us today.