From cartels to crypto: trends show disruptive cybercrime is evolving rapidly


Cybercrime has evolved far beyond traditional practices such as credit card theft and identity fraud. We are now witnessing the emergence of a new era in which sophisticated criminal networks, operating as corporate structures with their own business units, engage in a multitude of illicit online activities, from ransomware extortion and money laundering to international espionage and contraband. Let’s take a look at the influential trends that characterize this evolution.

Much more nation state activity

In order to gain a tactical advantage over their opponents, nearly every nation has historically conducted some form of intelligence operations to analyze and interpret enemy capabilities, intentions, and vulnerabilities. These intelligence operations have moved online. State-sponsored propagandists have been known to spread disinformation to sow discord and influence political elections. Some state-sponsored actors aim to cause large-scale disruptions to water, fuel, and energy infrastructure. Countries like North Korea have employed hackers to steal $200 million in crypto to fund their nuclear ambitions. Actors who pose a threat to the nation-state are targeting large organizations like Microsoft, HP, and UnitedHealth in an attempt to weaponize their technology.

Democratization of resources and knowledge

There was a time when cybercrime required a certain level of knowledge and skill, limited to a few skilled hackers. Today, organized cybercrime gangs have lowered the barrier to entry by building cybercrime-as-a-service ecosystems where threat actors sell their expertise, tools, infrastructure, and services to any party willing to pay. Knowledge sharing doesn’t just happen from high-level to low-level groups; it happens the other way around as well. There are numerous “leak sites” where stolen data is made public with the goal of forcing the victim to pay a ransom.

Dangerous cyber weapons unleashed in the wild

The US National Security Agency (NSA) created an exploit called EternalBlue to conduct espionage activities. When EternalBlue supposedly escaped the lab, threat actors modified and weaponized it to create devastating malware such as WannaCry, NotPetya, and RobbinHood. Governments around the world are struggling to contain these weapons of mass destruction, and if these viruses fall into the wrong hands, even the unskilled, casual eavesdropper who frequents hacker forums can do great damage.

New age cybercriminals collaborate with organized crime syndicates

Threat actors are great at hacking. They can find vulnerabilities, breach organizations, and steal millions in cryptocurrency. The question is, what do they do with it next? Understanding code and hacking tools is one thing, but international finance, cryptocurrency, and money laundering are domains that hackers have little knowledge of. A new market is emerging, one that focuses on cybercriminals who want to work with money launderers and criminal partners who can help move stolen funds, exchange them, mix them with crypto, and convert them to fiat.

Cross-border crime creates safe havens

Cybercrime is a global business, and with crypto, it has become far too easy to disguise money transfers. This obviously poses a major challenge for law enforcement, as most cybercriminals operate from another country. Law enforcement agencies can sometimes pinpoint the location of the illegal activity; however, for various reasons, such as an uncooperative host country or the lack of an extradition treaty, law enforcement is powerless to make arrests or shut down the criminal activity. With cryptocurrency mixing, online banking, and shell companies, it becomes difficult to follow a paper trail and establish identities. Most criminal syndicates have an international, multi-country footprint.

In addition to the above trends, the maturation of AI is also of great concern. Cybercriminals have begun using large language models to create fake voices, fake videos, and fake identities (also known as deepfakes). AI can be used to create highly evasive, polymorphic malware. While generative AI has not yet been weaponized at scale, its potential to scale operations should shift the priorities of businesses, organizations, and governments, leading to increased investment in cybersecurity, preparedness, and mitigation strategies. While defenders can use AI to identify suspicious patterns, emails, and malware, this does not guarantee that threat actors will not evade these countermeasures.

By 2029, the global cost of cybercrime is expected to peak at approximately $15 trillion. Organizations must keep a vigilant eye on emerging threats in areas such as cyber, crypto, the darknet, and AI; advocate and implement stronger cybersecurity controls and security awareness training; work with each other to improve collaboration; trace financial crimes back to their perpetrators; and adopt global regulations that can take swift legal action across international borders.

The post From Cartels to Crypto: Trends Show Disruptive Cybercrime Is Evolving Rapidly appeared first on Cybersecurity Magazine.
