If you are a cybersecurity researcher, you have probably heard of increasing cybercrime collaborations and partnerships to fast-track skills development, increase reach and capabilities to target deep pocket prospects and advanced governments. The power is in partnerships. Different ransomware developers have partnered up to share hacking techniques, malware codes, tech infrastructure and target lists. Different hackers are trying to specialize at each phase of the hacking process. Others are focusing on footprinting and reconnaissance. They then pass on the information to another cartel to scan, and another to gain access etc which deepens their capabilities and fast tracks success.
The cybercriminal ecosystem is elaborate and underground. Cybercriminal gangs in different countries are partnering to share intel, research, and opportunities. They collaborate, break up and then regroup. It is part of their strategy to stay invisible. Key regions of advanced cybercriminals are reported to be Russia (the headquarter of cybercrime in Eastern Europe), China, Nigeria, Vietnam, Brazil and North Korea.
Are governments ready
Cybercrime remains a #1 priority for governments and private businesses alike. However, few governments and private businesses, although willing, are ready to share intel and internal capabilities for cybercrime. Each country has their agenda and strategy due to the counterintelligence risks. Developed countries like the US, China, Japan, UK, Germany etc develop internal capabilities and do not collaborate or share deep insights about technology, infrastructure, and other capabilities in terms of staff skills.
Because of this, cybercriminals are always ahead of the pack and will continue to use the same attacks on different targets in different countries due to limited intel sharing in real-time.