Η επιβολή του νόμου είναι ένα σημαντικό κομμάτι του πάζλ στη μάχη κατά των εγκληματιών του ψηφιακού κόσμου. Ένα άλλο κομμάτι είναι οι καταναλωτές και οι επιχειρήσεις, που μπορούν – και πρέπει – να συνεχίσουν να βελτιώνουν την άμυνά τους. Το τρίτο μέρος του πάζλ είναι οι Companies που δραστηριοποιούνται στην ψηφιακή ασφάλεια. Ο ρόλος που καλούνται να παίξουν αυτές οι εταιρείες είναι να ερευνούν τις νέες απειλές και να ενσωματώνουν προστασία στα products their. “Cybersecurity companies can even help police track, locate, and neutralize cybercriminals – and ultimately send the message out there that cybercrime doesn't work,” says Phil Muncaster from global cybersecurity firm ESET.
Let's see who they are 5 new trends in the digital crime space that, according to Muncaster, we need to keep in mind.
- States cooperate with cybercriminals
State-sponsored activity and cybercrime have been separate domains for several years. The first revolved around cyberespionage and/or destructive attacks aimed at advancing geopolitical and military objectives. The second focused myopically on extracting money.
Worryingly, today, Great Britain's National Crime Agency (NCA) is increasingly seeing a convergence between the two. This manifests itself not only in the fact that some operators use cybercrime techniques to steal money on behalf of the state. Or the fact that some governments turn a blind eye to the activities of ransomware and other cybercrime groups.
In the last year we have started to see hostile states using organized crime groups - not always of the same nationality - as proxies, warns NCA chief Graeme Biggar. "This is a development that we and our colleagues in the counter-intelligence agency MI5 and the counter-terrorism agency are following closely."
It is not the first time that the experts, among others ESET and HP, observe a growing relationship between organized crime and nation states. Indeed, just three months ago, ESET researchers presented the interesting case of the group called Asylum Ambuscade that straddles the line between crime and espionage. But if this strategy becomes more widespread, it will make it harder to attribute breaches, while potentially empowering criminal groups with more sophisticated know-how.
- Data theft is fueling a fraud epidemic
In United Kingdom, fraud now accounts for 40% of all crime, with three quarters of adults being targeted in 2022 either by phone, in person or online, according to the NCA. This is due in part to a constant barrage of exposed data flowing into dark web marketplaces. Europol goes even further, arguing that data is the "key commodity" of the cybercrime economy, fueling extortion (e.g. ransomware), social engineering (e.g. phishing) and more.
The data sold in such marketplaces does not just contain static information, such as credit card details cards, but are aggregated from multiple data points retrieved from a victim's device, Europol argues. The cybercrime supply chain, from data theft to fraud, can involve many separate actors, from initial access brokers (IABs) and bulletproof hosters, to vendors of antimalware tools and encryption services.
This service-based economy is surprisingly efficient. However, the NCA argues that these professional services can also help law enforcement, "providing a rich set of targets that, when disrupted, has a disproportionate impact on the criminal ecosystem".
- The same victims are targeted in a series of attacks
The way cybercrime works today means that even organizations that have just been breached may not be able to rest easy and consider the worst to be over. Initial access brokers (IABs) sell the same information to multiple threat actors. This means that the same set of compromised corporate credentials could be circulated among multiple cybercrime groups, Europol says.
Criminals are becoming more and more adept at making more and more money from their targets. For example, people involved in investment fraud may re-approach their victims, pretending to be different roles, such as lawyers or security officials. Posing as these trustworthy entities, they will offer help to the victim company that is already in a state of shock, all for a fee.
- The Phishing remains impressively effective
Phishing remains popular and effective because people remain the weakest link in the security chain, Europol argues. Phishing has been one of the leading threat actors for many years and continues to be a favorite method for obtaining connections and personal information, as well as for covertly developing malware. Along with Remote Desktop Protocol (RDP) and VPN exploits, phishing emails with malware are the most common way to gain initial access to corporate networks, the report claims.
The widespread use of phishing kits βοηθά τόσο στην αυτοματοποίηση όσο και στη μείωση του πήχη για τους λιγότερο ικανούς τεχνικά κυβερνοεγκληματίες. Η Europol προειδοποιεί επίσης ότι εργαλεία τεχνητής νοημοσύνης χρησιμοποιούνται ήδη για την παραγωγή deepfake βίντεο και τη συγγραφή πιο ρεαλιστικών μηνυμάτων phishing.
- Young people are becoming more and more susceptible to criminal behavior
The websites του Dark Web αποτελούσαν ανέκαθεν ένα μέρος όχι μόνο για την εμπορία κλεμμένων δεδομένων και εργαλείων hacking αλλά και γνώσεων. Σύμφωνα με την Europol, αυτό συνεχίζεται και σήμερα, με τους users seek and receive recommendations on how to avoid detection and how to make their attacks more effective. Tutorials, FAQs, and how-to manuals offer help with scams, money laundering, child sexual exploitation, phishing, malware, and more.
Perhaps more worryingly, suspicious websites and forums – some of which are apparently operational – are also being used to recruiting fresh blood, according to Europol. Young people are particularly exposed to: a 2022 report cited by Europol claims that 69% of young people in Europe have committed at least one form of cybercrime or online breach or risk-taking, including money laundering and digital piracys.
Clearly, law enforcement is ultimately only one piece of the puzzle. We need other sections of society to do their part in the fight against cybercrime. And we all need to get better at working together, just like cybercriminals do.
