Subscribe to our Newsletter!
By subscribing to our newsletter, you agree with our privacy terms
Home > Cybersecurity > Cyber crime threatens national security
October 13, 2021
Cybercrime is evolving as a threat to the national security of several countries, primarily motivated by financial advantage. On the bright side, these risks are becoming more evident as more victims of cybercrime share their stories. In addition, efforts by governments to combat these threats are also growing.
These are the key findings of the 2021 edition of Microsoft’s Digital Defense Report regarding the current status of cybercrime. The study was based on more than 24 trillion daily cybersecurity signals on Microsoft cloud, endpoints, and smart edges. It gathered information from more than 8,500 experts from 77 countries, including insights into the evolution of ransomware, malicious emails, malware, and other cyber pests.
Other aspects covered in detail by the research were current threats to nation-states; the security of vendor ecosystems, Internet of Things (IoT) and Operational Technologies (OT); the hybrid workforce; and misinformation. Also presented were learnings and practical recommendations compiled by Microsoft over the course of the study.
By 2021, cybercrime has become more sophisticated, more widespread, and ruthless, targeting critical infrastructure in healthcare, IT, financial services, and energy. In addition, the cybercrime chain is maturing, with the formation of marketplaces in which anyone, even without much technical expertise, can acquire the tools necessary to carry out criminal actions in cyberspace. By nature, these cybercriminal groups have a global presence, meaning that an individual in a certain country can buy, for example, phishing kits from a vendor in another nation.
According to Microsoft, the prices of these cybercrime tools have remained stable over the past few years. However, as in any other market, they can vary according to supply and demand.
The ransomware business model has evolved significantly and become much smarter. According to Microsoft, there is prior research into victim profiles and the appropriate ransom demand amount. Criminals already know which documents to hijack, understanding the penalties associated with violating the local laws of each sector and country. Not only do they threaten to encrypt files that are fundamental for the victims’ business, but also to publicly disclose customer data, which would mortally affect the reputation of the invaded companies.
There aren’t many barriers to entry in the current ransomware market. There are modules offered under the “as-a-service” model that can be used by novice hackers who share the amounts raised from criminal actions. Even access to specific target networks can be acquired in these crime syndicates. Payments are generally made via cryptocurrencies.
In 2020, there was a surge in phishing campaigns that remained stable throughout 2021. Microsoft identified an increase in the overall number of phishing emails, a downward trend in emails containing malware, and an increase in voice phishing (or vishing). Microsoft’s Digital Crimes Unit (DCU) investigated online organized crime networks involved with compromising corporate emails and found a wide diversification of how email credentials are obtained, verified, and used. The conclusion is that investments in automation and acquisition tools are growing in order to raise the profit from criminal activities.
Microsoft researchers have observed the three most common types of malicious emails:
The most prevalent perception among researchers and businesses is that victim credentials are handed over to an individual or group to simply conduct phishing campaigns. However, more sophisticated kits, with greater reach and potential, have been identified in the cybersecurity community, created by authors who are more technically skilled than the better-known phishers.
The examples presented in the report show that whatever the technology, criminals will be ready to exploit it for their own benefit and to the detriment of users. However, Microsoft points out that in order to minimize the impacts of possible attacks, it is possible to adopt practices and architectures that help make businesses and people more technology resilient. The image below summarises this scheme.
November 25, 2022
November 14, 2022
November 03, 2022
October 18, 2022
October 13, 2022
October 05, 2022
September 19, 2022
Previous
Patching must prioritise vulnerabilities
Next
Risk by cybersecurity is second only to climate change