5 Cybercrime Trends to Watch

esteria.white

Business Security

New reports from Europol and the UK’s National Crime Agency (NCA) shed light on how the fight against cybercrime is being carried out.

Staying Ahead of Threats: 5 Cybercrime Trends to Watch

Law enforcement remains an integral part of the fight against agile and increasingly resourced adversaries. Consumers and businesses too can – and should – continue to improve their defenses, while vendors have an important role to play in researching emerging threats and integrating protection into their products. In fact, they can even help police monitor, disrupt and eliminate the bad guys – and ultimately send the message that cybercrime doesn’t pay.

5 Cybercrime Trends to Watch

  • Nation states team up with cybercriminals

State-sponsored activities and cybercrime have for years been quite distinct domains. The first revolved around cyberespionage and/or destructive attacks designed for geopolitical and military purposes. The latter was myopically focused on making money.

Worryingly, the ANC is seeing increasing convergence between the two. This is not only manifested by the fact that some actors use cybercrime techniques to steal money for the benefit of the state. Or in the fact that some governments turn a blind eye to the activities of ransomware and other groups.

Over the last year we have started to see hostile states start to use organized crime groups – not always of the same nationality – as proxies,” warns NCA boss Graeme Biggar. “This is a development that we and our colleagues at MI5 and CT (counter-terrorism) are monitoring closely.”

This is not the first time that experts, notably ourselves And HP among others, have noticed a growing link between organized crime and nation states. Indeed, just three months ago, ESET researchers wrote about the interesting case of the group called Asylum ambush which straddles crime and espionage.

But if this strategy becomes widespread, it will make it more difficult to attribute violations, while potentially equipping criminal groups with more sophisticated know-how.

  • Data theft fuels fraud epidemic

In the UK, fraud now accounts for 40% of all crimes, with three quarters of adults targeted in 2022 either by telephone, in person or online, according to the NCA. This stems in part from a steady stream of compromised data circulating on dark web marketplaces. Europol goes further, saying that data is the “core product” of the cybercrime economy, fueling extortion (e.g. ransomware), social engineering (e.g. phishing) and much more.

Increasingly, the data itself sold on these marketplaces is not just static information such as card details, but is also compiled from multiple data points retrieved from a victim’s device, says Europol. The cybercrime supply chain, from data theft to fraud, can involve many distinct actors, from initial access brokers (IABs) and bulletproof hosts, to anti-defense service providers. malware and encryption.

This service-based economy is surprisingly efficient. However, the NCA says these professional services can also assist law enforcement by “providing a rich set of targets that, when disrupted, have a disproportionate impact on the criminal ecosystem.”


  • The same victims are often targeted repeatedly

The way underground cybercrime operates today even means organizations that have just been hacked may be unable to breathe a sigh of relief knowing that the worst is behind them. For what? Because IABs sell multiple threat actors for access to the same organizations, there are typically no exclusivity agreements written into the agreements. This means that the same set of compromised corporate credentials could circulate between multiple bad actors, Europol explains.

Fraudsters also manage to maximize their profits from their victims. Investment fraudsters may contact their victims after stealing their money, but this time posing as lawyers or police officers. Posing as these trusted officials, they will offer assistance to the traumatized victim company, for a fee.


  • Phishing remains surprisingly effective

Phishing has been one of the main threat vectors for many years and continues to be a preferred route to obtain identifiers and personal informationas well as secretly deploy malware. It remains popular and effective because humans remain the weakest link in the security chain, says Europol. Next to brute forcing Remote Desktop Protocol (RDP) and exploitation of malware-laden VPN bugsEmail hacking is the most common way to gain first access to corporate networks, the report says.

Unfortunately, there is little sign that attackers are adopting other tactics, even though phishing remains as effective. The widespread use of phishing kits contributes to both automation and lowering the bar for less technically savvy cybercriminals. Europol also warns that generative AI tools are already being deployed to create deepfake videos and write more realistic phishing messages.


  • Criminal behavior is increasingly normalized among young people

Dark Web sites have always been a place to exchange stolen data and hacking tools, but also knowledge. According to Europol, this situation persists today, with users searching for and receiving recommendations on how to avoid detection and make their attacks more effective. Tutorials, FAQs, and how-to manuals provide help with fraud campaigns, money laundering, child sexual exploitation, phishing, malware, and more.

Perhaps more worrying is the fact that underground sites and forums – some of which operate on the surface web – are also used to recruit fresh blood, according to Europol. Young people are particularly exposed: a 2022 report cited by Europol states that 69% of young Europeans have committed at least one form of cybercrime or online harm or taken risks, including money laundering and digital piracy.

Ultimately, law enforcement is only one piece of the puzzle. We need other parts of society to do their part in the fight against cybercrime. And we all need to get better at working together, just like the bad guys do.

Leave a comment