Cybercrime is a persistent and growing threat that continues to challenge organizations of all sizes and industries. As the world becomes more digitized, the opportunities for cybercriminals to exploit vulnerabilities and steal sensitive information only increase.
State of Cybercrime in 2023
2023 Threat Landscape
A key trend in the world of cybersecurity is the role of human error in data breaches. According to recent studies, 82% of data breaches are the result of human error, rather than vulnerable software. This includes tactics like social engineering, fraud, and phishing, but it can also include organizations’ choices not to use fundamental security services like multi-factor authentication and security awareness training. As a result, security must be a business-level mindset and an ongoing conversation, not just an IT and technology conversation.
Top Threats to Watch For:
Ransomware in 2023
Ransomware is another significant trend that continues to impact businesses worldwide. In the past, ransomware attacks were almost entirely automated, with threat actors sending attacks to multiple email recipients across various organizations in the hopes that some would launch the software. As defenses improved, the number of ransom payments decreased, and threat actors were forced to work harder, resulting in more narrowly targeted and higher-effort attacks.
According to Coveware, a firm that is responsible for paying ransoms on behalf of breached companies, the number of companies that pay following a breached have dropped over 50% since 2019. Coveware attributes this drop to proper backup & recovery planning, and it just goes to show that security works!
However, even though the number of ransom payments has decreased, the average ransom request value has increased. Threat actors have evolved from single extortion to double and triple extortion, where they exfiltrate data, encrypt copies, and demand payment to delete their copy and decrypt yours. Additionally, cybercrime has become an industry, with specialized developers building and refining toolsets and groups providing services to threat actors.
The Cybercrime Economy
The cybercrime economy is a highly organized and sophisticated industry that generates significant revenue by stealing money and data from legitimate individuals and businesses. This industry is highly specialized, with different groups focused on different aspects of cybercrime.
Highly technical individuals that create the tools necessary for ransomware operations (ransomware software and payment portals) and sell access to RaaS Programs.
Large, organized groups (syndicates) that provide the ransomware tools and a suite of “extortion support” services such as hosting malicious websites, payment pressure, decryption negotiations, and cryptocurrency transaction services.
Small groups, partnered with one or multiple RaaS Programs, carry out the actual attack. They will infiltrate businesses, deploy ransomware, and exfiltrate valuable data.
Individuals or groups that gain access into organizations through phishing campaigns or exploiting vulnerabilities, compile stolen credentials and lists of vulnerable businesses and sell it on the “dark web”.
Overall, organizations must remain vigilant in the face of evolving cyber threats. They must invest in fundamental security services, including employee education and training, multi-factor authentication, and regular backups, and be prepared to respond quickly and effectively to any potential breaches or incidents. With the right mindset, tools, and tactics, organizations can stay ahead of cybercriminals and protect their most valuable assets.
Watch the full webinar
Learn about today’s threats, how to effectively manage your cyber risk, and 4 steps you can take today to prepare your business from what’s coming next: 2023 State of Cybersecurity | You Will Be Breached