According to a recent threat landscape assessment, cybercriminals have packed ransomware and other malware tools into as-a-service offer that are so simple to use that even rank beginners will be able to conduct devastating cyberattacks in 2023 for practically no money.
With the growth of cyber-crime-as-a-service [CCaaS], ransomware, once the domain of sophisticated gangs, has become so simple to deploy that “almost all barriers to entry for committing cybercrime [have been] erased,” the security company Sophos said in the release of its new 2023 Threat Report.
Sean Gallagher, the principal threat researcher at Sophos, cautioned that “this isn’t just the usual fare, such as malware, scamming, and phishing kits for sale,” warning that “nearly every aspect of a cybercriminal compromise” can be purchased on an as-a-service basis from underground marketplaces, including infecting targets initially, avoiding detection, harvesting sensitive data, and managing devastating ransomware attacks.
Higher-rung cybercriminals are now offering other cybercriminals “technologies and skills that were previously only available to some of the most sophisticated attackers,” according to Gallagher.
The Cobalt Strike penetration-testing kit, for instance, is used by attackers to hide their activities, according to recent “OPSEC-as-a-service” advertisements seen by investigators. Because this practice is so problematic, Google released a set of tools to assist potential victims in identifying Cobalt Strike infections in their networks.
Cybercriminals have long outsourced skills like scanning-as-a-service, combining commercial tools like Metasploit to scan targets for exploitable vulnerabilities since they constantly seek methods to scale up their operations.
Sophos highlights the “naughty nine” rogue’s gallery of CCaaS services, which can be rented and include access, malware, phishing, operational security (OPSEC), crypting, scamming, spamming, and even vishing, in which AI bots handle victim calls.
Painting the cyber landscape for 2023
Access to the CCaaS services is likely to turn into stocking stuffers for the cybercriminal with everything because extensive and sophisticated credential theft and other cyberattacks are readily available to anyone for a few dollars.
This indicates that by 2023, businesses will be increasingly targeted by novice cybercriminals acting with lethal efficacy.
According to a recent Rubrik Labs study of 1,625 IT and security decision-makers, 125 of whom were located in Australia; the threats are severe. They could get worse if attack tools become more widely available.
Australian respondents indicated they learned about cyberattacks on their company 31 times on average in the previous year, with 64% reporting they had experienced a data breach.
That was far higher than the global average of 52%, supporting recent findings that Australian boards of directors are the least cyber-aware globally.
Despite efforts to change this by organizations like the federal government and the Australian Institute of Company Directors (AICD), as well as industry commitments to improve security generally, many local businesses are likely to enter 2023 on the back foot due to a persistent shortage of cyber security talent.
73% of Rubrik respondents stated they would consider paying a ransom, including 47% who said they would be “very” likely to do so, suggesting that even petty cybercriminals could benefit from a minor investment in CCaaS.
However, Sophos identified several other important issues that must be resolved before 2023.
Sophos highlighted that the innovation of cybercriminals had no bounds, noting that the conflict in Ukraine had sparked an explosion of financially motivated scams and disrupted illicit relationships between Russian and Ukrainian criminal organizations.
Mobile devices “are now at the centre of new types of cybercrimes,” the company warned, noting the rise in fake applications for distributing malware injectors, spyware, and malware related to banking, as well as newer “pig butchering” schemes that target cryptocurrency bigwigs.
Cybercriminals were also improving their “living off the land” strategies, which involved using reliable and unobtrusive network tools to get through network security monitors and infect computers with malware.
As a result of organizations like Lockbit 3.0 implementing continuous improvement techniques like bug bounties, according to Gallagher, “ransomware has become, first and foremost, a business.”
The threat landscape is impacted by the commoditization of almost every aspect of cybercrime, creating opportunities for attackers of all skill levels.
About Author
