External market figures suggest that the cost of cybercrime is predicted to reach over $12trn by 2025. Global economies and state governments continued to experience exponential rises in cyber-attacks over 2023, including cyber extortion and ‘Hacktivism’.
External market figures suggest that the cost of cybercrime is predicted to reach over $12trn by 2025, and the growth of cyber-attacks has been consistent as reported by several security providers – these include companies like Check Point Systems reporting an 8% increase in weekly cyberattacks in the first half of 2023, Orange Cyberdefense observing cyber extortion victims globally increasing by 46% over the past 12 months, and Palo Alto Threat Intelligence practice ‘Unit 42’ experiencing a 910% increase in monthly registrations for domains, both benign and malicious, related to ChatGPT, specifically in an attempt to mimic ChatGPT.
The generative AI threat
In particular, the threat landscape surrounding Artificial Intelligence (AI) is expanding aggressively where attackers use sophisticated linguistic techniques, including increased text volume, punctuation, and sentence length. The trend suggests that generative AI allows threat actors to craft sophisticated and targeted attacks at speed and scale. And as we move forward in 2024 and 2025 the market will see threat actors adopting AI to expand every aspect of their offensive toolkit. AI will be adopted to deliver more cost-efficient, rapid development of new malware and ransomware variants.
Deepfake technologies will take phishing and impersonation attacks to a new level. Businesses will embrace AI but will be threatened by its use in novel cyberattacks. There is also a risk that the dynamic character of AI-driven attacks could make static defense mechanisms ineffective.
Incidents like Cl0p ransomware made the headline.
The number of key events in 2023 in relation to cyber threats has been overwhelming and versatile in terms of impact to an organisation or government body. And even though cybersecurity is now a board-level issue there needs to be greater involvement at the executive board level by driving cybersecurity risk governance and steering committees to help minimise the risks imposed on the company or government entity.
Global tier one security providers Orange Cyberdefense highlighted a number of incidents like Cl0p that was credited in exploiting vulnerabilities in the public facing managed file transfer (MFT) solution of MOVEit Transfer by vendor Progree Software.
Other incidents included Microsoft stating that attacker STORM-0558 gained unauthorised access to Exchange Online data hosted in Azure. Microsoft also reported a Chinese threat actor named ‘Volt Typhoon’, claimed to be responsible for targeting critical infrastructure providers in Guam and elsewhere in the United States.
Cyber extortion and ‘Hacktivism’ will continue to accelerate in 2024
GlobalData’s research and analysis on security provider threat intelligence data highlighted several key observations:
- Cyber Extortion will remain prevalent, with a 30-50% increase, and affecting in the majority of the cases Corporations (largest share +50%), SMBs and government entities. As a result of the recent shift in growing economies regions like South Asia (namely India), Oceania and Africa will have the highest attacks.
- Vertical segments covering manufacturing, retail, professional services, financial and utilities will be the most vulnerable. This is partly driven by vulnerabilities across the legacy nature of their network, technology maturity, and elevated risk impact levels to the business as a result of cyber attacks.
- Hacktivism is rated high moving forward in 2024, where threat actors will continue to target either corporations or government bodies politically supporting certain entities. Predominately, distributed denial-of-service (DDoS) continues to be utilised due to the high impact on business continuity. Global tier one security providers covering Orange Cyberdefense and CrowdStrike have highlighted the Russia and Ukraine war, with countries covering Poland and Sweden being attacked. Key regions in Europe were also attacked accounting for 87% of registered attacks according to Orange Cyberdefense, followed by North America and the Middle East. Further acceleration of Hacktivism will also continue in 2024 due to the conflict in the Middle East between Israel and pro-Palestinian groups.
In summary, greater security centralisation aligned to business needs, as well as looking at wider risk factors outside of security, will be required by Corporations and government entities to address threats originating from cyber extortion and hacktivism.
Source: https://www.verdict.co.uk/rising-cyber-extortion-hacktivism/?cf-view&cf-closed