What We Do
How we do it
Our Threat Response Unit (TRU) publishes security advisories, blogs, reports, industry publications and webinars based on its original research and the insights driven through proactive threat hunts.
View Threat Intelligence Resources →
Jan 19, 2023
Increased Activity in Google Ads Distributing Information Stealers
THE THREAT On January 18th, 2023, eSentire Threat Intelligence identified multiple reports, both externally and internally, containing information on an ongoing increase in Google advertisements…
Read More
View all Advisories →
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
Dec 13, 2022
eSentire Named First Managed Detection and Response Partner by Global Insurance Provider Coalition
Waterloo, ON – December 13, 2022 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), today announced it has been named the first global MDR partner by Coalition, the world’s first Active Insurance provider designed to prevent digital risk before it strikes. Like Coalition, eSentire is committed to putting their customers’ businesses ahead of disruption by improving their…
Read More
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Blog — Jan 12, 2021

2021 Drops the Cyber from Cybercrime

But cybercrime isn’t going away--it’s only getting more ingrained

4 minutes read
Speak With A Security Expert Now

Well, it’s that time of year. Time for the much-ballyhooed 2021 predictions. Time to stick our collective cyber finger in the digital winds to determine the coming trends. As we exit 2020, the year that ran like a compilation of disaster movies, we are set for more of the same, at least when it comes to cybercrime. Here are my top seven predictions:

1. Mainstream social media abandoned for alternative dens of inequity

In 2020, conspiracy theories pervaded popular social media services. In 2021, deep fake won’t simply be about seamless manipulation of video and audio. Rather, the general acceptance of the preposterous will become the new baseline. Expect new media platform names to not only become household vernacular but prosper as the protectors of the First Amendment and uncensored speech. On New Year’s Eve, kiss truth and fact goodbye, and say hello to a whole new opportunity for criminals to spread misinformation and continue to sow mistrust.

2. Cyber Tampering: From elections to public markets

The shenanigans seen in election tampering will go mainstream — and for profit. Swaying or manipulating elections is the long play for gray zones (aka, enemy states: Russia, China, Iran, North Korea, etc.). The short play involves using the same tactics to manipulate public sentiment and belief to engineer the value of a publicly traded company and make money on the stock market.

Insider trading is nothing new for the SEC to police, but when it happens in extremely subtle ways through the manipulation of social media, it looks like gray cyberwars: hard to prove, difficult to attribute, and even harder to stop. Imagine if campaigns promote a product and spread tales of poor quality, dangerous materials, or labor abuses to damage the reputation of a global brand. Criminals can “short” the stock knowing it will fall. Gray crime leaves no fingerprints. There is no smoking gun — only millions of posts and re-posts. And bots, fake accounts, and false identities create a haystack in which the criminal needle is hidden. These crimes will likely go unnoticed, let alone unprosecuted.

3. Artificial Intelligence and Machine Learning — Ghost in the machine?

Machine learning could help with gray crime, looking at eddies in the current, undetectable to the naked eye, that indicate suspicious activity. But 2021 will see the poisoning of the AI well, and manipulation of data lakes to affect the outcome of machine learning. It’s the same approach as election tampering. What would a poisoned data well look like? How about missed cancer detection in medical technology? Or, planting an easter egg so security algorithms miss specific aberrant behavior that creates a vulnerability criminals can exploit? Machine learning and AI can be used to analyze millions of cyber attacks to hone skills and predict the most successful tactics or phishing lures, but we shouldn’t assume they will always be used for noble purposes.

4. Watching the watchers

In the same way that election tampering and the mainstream spread of conspiracy theories has eroded accepted fact and bipartisan trust, the next campaign of cyber attacks will sow suspicion between companies and the vendors they trust to protect them from cyber criminals. In 2020, we saw a rise in cyber attacks against managed service providers and marquee security vendors. Initial attacks were used to access the target business through its most trusted and privileged suppliers, the security vendors. This new phase is designed to erode trust in security technology and its ability to protect their clients. It could create a do-it-yourself mentality, and carve off companies from the herd, leaving them vulnerable to attack. It won’t work in regulated industries, but might in private, family-owned businesses that are already looking for an excuse not to spend money on IT.

5. Massive outages becomes the next plague

I talked about gray crime. What about brown (out) crime? Criminals showed they are willing to cripple healthcare delivery organizations amidst the greatest pandemic of our generation. And, we’ve seen nation states target businesses in retaliation for geopolitical events. We’ve also seen smaller and limited cyber attacks against local utilities such as water and electricity. Perhaps those attacks are testing our perimeter. Imagine the impact of constant cyber attacks against power, water and gas providers? How long before the public demands governments pay ransoms, or demand like-for-like retribution? It’s a world that is no longer distinguishing between combatants and civilians. There won’t be collateral damage. Just damage. And, we will all pay the price.

6. Cyber insurance becomes mandatory

We often compare the actuarial maturity of life or auto insurance to cyber policies as a way of expressing security maturity as a proxy for risk, thereby establishing premiums. Cyber insurance is often characterized as the wild, wild west. Not anymore. It’s time to settle the west. The reality is, companies will have to carry coverage to offset residual risk. In fact, coverage will likely become a requirement to participate in certain industries or client pools. Like data breaches, it’s not if, but when. Same goes for cyber insurance.

7. Cybercrime goes the way of white-collar crime

Like white collar crime of the past, it simply became “crime.” We stopped distinguishing between the methodology of the malfeasance. The same will happen with cybercrime. As we become more and more interconnected, we won’t see the difference between crime categories. So, perhaps an extra prediction: By the end of 2021, we will drop the use of cybercrime. It will simply be referred to as “crime.” The cyber piece will become a secondary descriptor. Gun or knife, pen or privilege, cyber or digital. It’s a tool or weapon. What matters is that it’s crime. Pure and simple.

View Most Recent Blogs

eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.