Law enforcement is an important comeye του πάζλ στη μάχη κατά των εγκληματιών του ψηφιακού κόσμου. Ένα άλλο κομμάτι είναι οι καταναλωτές και οι επιχειρήσεις, που μπορούν – και πρέπει – να συνεχίσουν να βελτιώνουν την άμυνά τους. Το τρίτο μέρος του πάζλ είναι οι Companies who are active in digital security. The role these companies are asked to play is to research new threats and build protection into their products. “Cybersecurity companies can even help police track, locate, and neutralize cybercriminals – and ultimately send the message out there that cybercrime doesn't work,” says Phil Muncaster from global cybersecurity firm ESET.
Let's see who they are 5 new trends in the digital crime space that, according to Muncaster, we need to keep in mind.
- States cooperate with cybercriminals
State-sponsored activity and cybercrime have been separate domains for several years. The first revolved around cyberespionage and/or destructive attacks aimed at advancing geopolitical and military objectives. The second focused myopically on extracting money.
Worryingly, today, Great Britain's National Crime Agency (NCA) is increasingly seeing a convergence between the two. This manifests itself not only in the fact that some operators use cybercrime techniques to steal money on behalf of the state. Or the fact that some governments turn a blind eye to the activities of ransomware and other cybercrime groups.
In the last year we have started to see hostile states using organized crime groups - not always of the same nationality - as proxies, warns NCA chief Graeme Biggar. "This is a development that we and our colleagues in the counter-intelligence agency MI5 and the counter-terrorism agency are following closely."
It is not the first time that the experts, among others ESET and HP, observe a growing relationship between organized crime and nation states. Indeed, just three months ago, ESET researchers presented the interesting case of the group called Asylum Ambuscade that straddles the line between crime and espionage. But if this strategy becomes more widespread, it will make it harder to attribute breaches, while potentially empowering criminal groups with more sophisticated know-how.
- Data theft is fueling a fraud epidemic
In the UK, fraud now accounts for 40% of all crime, with three quarters of adults being targeted in 2022 either by phone, in person or online, according to the NCA. This is due in part to a constant barrage of exposed data flowing into dark web marketplaces. THE Europol it goes even further, arguing that data is the "primary commodity" of the cybercrime economy, fueling extortion (eg ransomware), social engineering (eg phishing) and more.
The data sold in such marketplaces does not just contain static information, such as credit card details cards, but are aggregated from multiple data points retrieved from a victim's device, Europol argues. The cybercrime supply chain, from data theft to fraud, can involve many separate actors, from initial access brokers (IABs) and bulletproof hosters, to vendors of antimalware tools and encryption services.
This service-based economy is surprisingly efficient. However, the NCA argues that these professional services can also help law enforcement, "providing a rich set of targets that, when disrupted, has a disproportionate impact on the criminal ecosystem".
- The same victims are targeted in a series of attacks
The way cybercrime works today means that even organizations that have just been breached may not be able to rest easy and consider the worst to be over. Initial access brokers (IABs) sell the same information to multiple threat actors. This means that the same set of compromised corporate credentials could be circulated among multiple cybercrime groups, Europol says.
Criminals are becoming more and more adept at making more and more money from their targets. For example, people involved in investment fraud may re-approach their victims, pretending to be different roles, such as lawyers or security officials. Posing as these trustworthy entities, they will offer help to the victim company that is already in a state of shock, all for a fee.
- The Phishing remains impressively effective
Phishing remains popular and effective because people remain the weakest link in the security chain, Europol argues. Phishing has been one of the leading threat actors for many years and continues to be a favorite method for obtaining connections and personal information, as well as for covertly developing malware. Along with Remote Desktop Protocol (RDP) and VPN exploits, phishing emails with malware are the most common way to gain initial access to corporate networks, the report claims.
The widespread use of phishing kits helps both automate and lower the bar for less technically skilled cybercriminals. Europol also warns that artificial intelligence tools are already being used for partreatment deepfake videos and writing more realistic phishing messages.
- Young people are becoming more and more susceptible to criminal behavior
Dark web sites have always been a place not only to trade stolen data and hacking tools but also knowledge. According to Europol, this continues today, with users seeking and receiving recommendations on how to avoid detection and how to make their attacks more effective. Tutorials, FAQs, and how-to manuals offer help with scams, money laundering, child sexual exploitation, phishing, malware, and more.
Perhaps more worryingly, suspicious websites and forums – some of which are apparently operational – are also being used to recruiting fresh blood, according to Europol. Young people are particularly exposed to: a 2022 report cited by Europol claims that 69% of young people in Europe have committed at least one form of cybercrime or online breach or risk-taking, including money laundering and digital piracy.
Clearly, law enforcement is ultimately only one piece of the puzzle. We need other sections of society to do their part in the fight against cybercrime. And we all need to get better at working together, just like cybercriminals do.
