Currently, most companies, regardless of their size or sector, are being affected by security incidents to a greater or lesser extent. While cybersecurity solutions continue to improve to deal with these threats, attackers are also increasing the complexity and effectiveness of their techniques to continue to succeed.
On previous occasions, by words of Liz Centoni, Chief Strategy Officer and General Manager of Applications at Ciscor, he explained to us that as the demand for digital products or services is booming, and success is increasingly linked to digital experiences, it tends to make companies an even greater cybernetic target.
On the other hand, we see the Argentine government allocating investment to the cybersecurity of public bodies, and the person in charge of Regulatory Compliance at Onyze warning of the need for DeFi protocols to deploy more robust cybersecurity measures in order to guarantee that they reduce the frequency of hacks
On this occasion, the Interempresas portal in a review of the report ‘Cyber Threat Forecasts for 2023’ from Sophos, global experts in cybersecurity innovation and delivery, tells us that knowing how cybercriminals behave and what the most prominent threats are at all times can be crucial to establishing an effective security strategy.
1. Economics of cybercrime – ransomware groups hone their corporate profile
According to Sophos, the industry of ‘cybercrime-as-a-service’ has reached a new level of commercialization and commodification. In fact, many of the barriers to entry that existed before have been removed, and the tactics for carrying out advanced cyber threats are now within the reach of almost any criminal. Every step in the attack chain, from infection to avoiding detection, is available “as-a-service”putting in the hands of anyone tools and tactics that were previously only available to more sophisticated actors.
In this sense, this has had the consequence that in the last two years there has been a greater professionalization of cybercrime, especially in ransomware gangs.
“It is possible that this trend will increase”they point out, even to the point that ransomware attackers not only raise their corporate profile, but begin to legitimize and diversify outside of the cybersecurity sector as well.
One example is the XSS cybercriminal marketplace or forum, whose administrator has proposed giving paid access to the forum to threat researchers. According to Intermpresas review of the Sophos report, their reasoning is that since the researchers are going to create fake accounts and infiltrate the forums anyway, they could pay a reasonable amount for it. “This way, the administrator doesn’t have to constantly delete fake accounts and researchers don’t have to create new ones”they explained.
“Some jobs, like writing phishing emails in passable English, could simply be replaced by ChatGPT or similar AI automations”they pointed out.
However, they added that despite this, it is likely that the size and scope of these criminal organizations will be reduced somewhat to reduce the risk of identification. “The larger these groups are, the more information there is to reliably identify their participants and reconstruct identities in the real world”they commented.
2. War in Ukraine – Intensity continues on the cyber front
According to Sophos, Ukraine’s war-related cyber threat landscape will continue to cause problems within Ukraine’s borders, as well as less widespread but significant disruption in the rest of the Western world. Added to the concern generated by possible conflicts and misinformation.
Likewise, they have pointed out that Russia’s harassment of Ukraine will continue on the cybernetic front, especially in sectors such as energy. “Outside Ukraine, it could simply be ordinary cybercriminals launching more targeted attacks to support Russian targets (either officially or unofficially), to increase the cost of supporting Ukraine in the West”they commented.
In Sophos’ opinion, another recent development that deserves attention is the recent legalization in Belarus of piracy of media and entertainment content from “non-friendly” nations. “Although it is too early to tell, this could mean that pirated torrents from Belarus are being used to spread malware”they pointed out.
“Another important point could be the first anniversary of the conflict: where Russian cyber attackers could act in coordination on this symbolic date and increase their attacks”they added.
3. Credential Theft, Data Breach, Intrusions, and Malware – Increasingly Effective for Cybercriminals
In this point, highlighted that as the level of maturity of the cybercrime economy increases, the existence of a diverse, solid and expanding market for the sale of stolen data expandsinitial access information, malware, etc. “There are no reasons to indicate that this trend is going to stop increasing”, they highlighted.
They also warn that thieves’ demand for stolen information and credentials is growing, as are its potential uses. “Today, stolen credentials offer numerous ways to infiltrate target networks that can be used to launch ransomware cryptomining attacks, or to launch more traditional attacks”they explained.
Finally, they noted that for their part they have also observed how stolen data is sold under subscription models that allow buyers to have continuous access through those stolen credentials, guaranteeing continuous potential access to the launch of cyberattacks. “This scenario sets the stage for the level of ransomware attacks to continue or even increase through 2023, but so will likely data breaches and network intrusions”they concluded.
Disclaimer: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
It may interest you:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.