From Cartels to Crypto: Trends Show Disruptive Cybercrime Evolving Rapidly
Cybercrime has expanded well beyond traditional practices like credit card theft and identity fraud. We are now witnessing the emergence of a new era where sophisticated criminal networks, operating like enterprise structures with their own respective corporate divisions, engage in a myriad of illicit online activities, from ransomware extortion and money laundering to international espionage and contraband. Let’s delve into the influential trends that mark this evolution.
A Lot More Nation-State Activity
To gain a tactical advantage over their opponents, almost every country has historically engaged in some form of intelligence operations to analyze and interpret enemy capacity, intentions, and vulnerabilities. These intelligence operations have shifted online. State-backed propagandists are known to disseminate disinformation to sow discord and influence political elections. Some state-sponsored actors aim at causing large-scale disruption to water, fuel, and power infrastructures. Nations like North Korea employed hackers to abscond with $200 million in crypto to fund their nuclear ambitions. Nation-state threat actors are targeting large organizations like Microsoft, HP and UnitedHealth in a bid to weaponize their technology.
Democratization of Tools and Knowledge
There was a time when the business of cybercrime required a certain level of knowledge and aptitude, limited to a number of skilled hackers. Today, organized cybercrime gangs have lowered the barrier to entry by building cybercrime-as-a-service ecosystems where threat actors sell their expertise, tools, infrastructure and services to any party willing to pay. Knowledge sharing is not just occurring from high-level to low-level groups; it is also happening the other way around. Numerous “leak sites” are in existence, where stolen data is publicly disclosed with the aim of coercing the victim into paying a ransom.
Dangerous Cyber Weapons Unleashed in the Wild
The U.S. National Security Agency (NSA) created an exploit called EternalBlue to carry out espionage activities. When EternalBlue escaped the lab, so to speak, threat actors modified and weaponized it to create devastating malware such as WannaCry, NotPetya and RobbinHood. Governments worldwide are grappling to control these WMDs, and should these viruses fall into the wrong hands, even the unskilled casual eavesdropper frequenting hacker forums can cause major damage.
New-age Cybercriminals Team Up With Organized Crime Syndicates
Threat actors are great at hacking. They can sniff out vulnerabilities, break into organizations and pilfer millions worth of cryptocurrency. The question is, what do they do with it next? Understanding code and hacking tools is one thing, but international finance, cryptocurrency, and money laundering are domains where hackers have scant knowledge. A new market emerges, catering to cybercriminals looking to partner with money launderers and criminal affiliates that can help transfer stolen funds, swap them, mix them with crypto, and convert them to fiat.
Cross-border Crime Creates Safe Havens
Cybercrime is a global business and with crypto, it has become too easy to disguise money transfers. This is obviously a major challenge for law enforcement because most cybercriminals operate from a different country. These agencies can at times pinpoint the location of the illegal activity; however, for a variety of reasons such as the host country not co-operating, or no extradition treaty agreement, law enforcement is powerless to make arrests or terminate the criminal activity. With cryptocurrency mixing, online banking operations, and shell companies, it becomes difficult to trace a paper trail and determine identities. Most crime syndicates have an international, multi-country footprint.
In addition to the above trends, the maturing of AI is also deeply concerning. Cybercriminals have begun leveraging large language models to create fake voices, mock videos, and false identities (a.k.a. deepfakes). AI can be used to create highly evasive, polymorphic malware. Although generative AI has not yet been widely weaponized, its potential to scale operations should redirect priorities among businesses, organizations, and governments, prompting more investment in cybersecurity, preparedness, and mitigation strategies. While defenders may harness AI to identify suspicious patterns, emails, and malware, this does not guarantee that threat actors will not circumvent these countermeasures.
By 2029, global cybercrime costs are expected to peak at about $15 trillion. Organizations should keep a watchful eye on emerging threats like cyber, crypto, darknet, and AI, advocate and deploy stronger cybersecurity controls and security awareness training, cooperate with each other to improve collaboration, trace financial misdeeds back to their perpetrators and pass global regulations that can take swift legal action from across international borders.
Steve Durbin
Steve Durbin is Chief Executive of the Information Security Forum (ISF), an independent association dedicated to investigating, clarifying, and resolving key issues in information security and risk management by developing best practice methodologies, processes, and solutions that meet the business needs of its members. ISF membership comprises the Fortune 500 and Forbes 2000.