A 2022 report published by TrendMicro shows just how smart and competitive the world of Cybercrime is becoming, even to the point of networking with legitimate sources:
Agenda, BlackCat, Hive and RansomExx have switched to developing in Rust, a cross-platform language that is harder to detect by anti-virus engines
LockBit 3.0 introduced a "Ransomware Bug Bounty" program offering remuneration for anyone who submit security vulnerability reports
BlackCat has improved their operations by partnering with various RaaS (Ransomware as a Service) platforms with considerable experience in the industry
"When the massive success of Cybercrime is leveraged against legitimate business, it unfairly leverages the increased threat of data breaches, regulatory action and crushing ransom demands. Without proper encryption, any business is vulnerable." -Ron Harmon, President of Celerit Technologies
Cybercrime is projected to be an $8 trillion business in 2023, with the average per-instance impact crossing the $4 million mark.
Tactics are also changing. Social Engineering scams have improved and adapted to new technologies being deployed by enterprises to accommodate hybrid work (like VPN technology). And, according to underground forum users, deep fake technology is being shared with the plan to deploy the tool specifically against banks and financial institutions. Business Email Compromise schemes will become especially prolific, as they do not require an extensive amount of technical proficiency and rely on vulnerability of a task-oriented, and often over-burdened workforce.
Finally, the speedy migration to cloud opens a massive issue for CISOs (Chief Information Security Officers) and other technology director personnel. Abilities, features and cost structures for each provider vary, placing undue pressure on the oversight bandwidth of IT leaders.
Cybercriminals are more structured and professional than ever before, and their business models are built for global targets and lucrative financial goals. Their creative and widespread approaches mean that customers need equally creative and thorough protection. In the next year, new attack combinations will bypass simple point-based solutions. Customers need to take action to protect their corporate and consumer data on a comprehensive scale to stay ahead of cyberthreats in 2023 and beyond.
Celerit Technologies is an established service provider in technology to the banking and financial services industry for over 30 years. Today, they work with enterprises of all sizes, across multiple industries, deploying agile technology designed to address cybersecurity, compliance, communication and customer experience.
Learn more about Celerit Technologies here.
(c) 2023 Celerit Technologies