The report also discovered that once cybercriminals gain access to a financial organization, they are no longer looking for wire transfers or capital, as was previously assumed. Cybercriminal cartels are now looking for non-public market data such as earnings estimates, public offerings, and significant transactions. In fact, two out of every three (66 percent) financial institutions were subjected to attacks aimed at market strategies.

That’s worrisome, including because hackers would normally have to gain specific knowledge of water treatment management systems, a very specific target demographic.

The techniques feature a multi-stage process where a .NET downloader grabs chunks of malware from legitimate third-party websites such as pastebin and hastebin – where they are hosted in plain sight