© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Cybercrime in 2023: ransomware, LockBit, and emerging hacktivism

With the war in Ukraine continuing and new cyber gangs emerging, many start to wonder: what’s waiting for us in 2023 on the cyber front?

Intel 471 released its 471 Cyber Threat Report, which details threats and predictions for the cybercrime landscape in 2023.

When it comes to the most affected regions by breaches, North America topped the list, followed by Europe. The US was targeted most often, as well as Germany, the U.K., Italy, and France. The report ties such findings with these countries being the world’s largest economies – consequentially, threat actors perceive Western companies as “worth” going after and more likely to pay a ransom. These regions will likely remain the most affected ones “by offers of unauthorized access to data, compromised networks, or systems in the underground.”

The consumer and industrial products sector was the most targeted by cybercriminals (19.6%,) which covers a wide range of organizations and consumers globally. This trend is also predicted to persist in 2023.

“This poses significant risk to global operations within the sector, as well as their third-party partners and supply chains, that process large volumes of valuable business data, customer information, payment card data and more,” the report elaborates.

It was followed by the manufacturing sector (15.3%) and the technology, media, and telecommunications sector (12.2%.)

Regarding the most common attack vectors, cybercriminals predictably opted for leveraging compromised credentials, such as access credentials for external remote services like Citrix, remote desktop protocol (RDP,) secure shell protocol (SSH,) and virtual private networks (VPNs).

Companies also commonly suffered from untimely or missed security patches, with threat actors purchasing or developing exploits for vulnerabilities. The National Vulnerability Database (NVD) recorded 18,092 vulnerabilities disclosed in 2020 and 19,584 in 2021.

Intel predicts that these two will remain “the most used initial access tactics considering threat actors of any skill level can easily obtain ready-to-exploit credentials and vulnerabilities from the underground market, giving them the ability to impact countless organizations worldwide.”

Following the initial intrusion, cybercriminals implemented a variety of attack methods against organizations. Ransomware was extremely common, amounting to 80.5% of breaches in May 2022. LockBit 2.0 was the most-impactful strain at 30% of all reported breaches for that month, followed by Conti and Hive.

“Overall, LockBit 3.0 will likely be as impactful as version 2.0 until the group is faced with insurmountable defense mechanisms, is taken down by law enforcement or ceases operations,” the report suggests.

While the majority of threat actors are still financially-motivated, more hacktivist groups have emerged following Russia’s invasion of Ukraine. These typically target institutions or organizations that don’t align with their ideological or political agenda, hence being more likely to go after critical infrastructure and government bodies. According to Intel, there likely could be an increase in threat actors engaging in hacktivist activity as the war continues.

Other emerging evolving threats include one-time password bypass, supply chain attacks, and information stealer malware.

More from Cybernews:

Post-quantum encryption algorithms under rigorous scrutiny: expect more hacks

Baseball card Mark Zuckerberg had made for him as a kid will go up for auction

Tutanota calls for a tighter grip on Big Tech

Ukraine dismantled million-strong disinformation bot farm

Winamp is back after revamp; nostalgia-inducing looks intact

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked