For example, an individual’s avatar is a gateway to sensitive personal information (PII), making it a prime target for attackers. Fortinet has published the cyber threat forecasts of FortiGuard Laboratories, the company’s global threat intelligence and research body, for the year 2023 and beyond.
From rapidly evolving cybercrime-as-a-service (CaaS) attacks to new exploitation of unconventional targets such as edge devices or online worlds – the volume, variety and scale of cyber threats will keep security teams on high alert in 2023 and beyond.
Ransom-as-a-Service (RaaS) attacks
Given the success of Ransomware-as-a-Service (RaaS) attacks, many additional attack types will become available as a service through the dark web and will constitute a significant expansion of Cybercrime-as-a-Service (CaaS).
Beyond the sale of ransomware and additional offers of malware as a service (Malware-as-a-Service), new services will also emerge that can be ordered. Cybercrime as a service presents an attractive business model for malicious actors. Using varying skill levels, hackers can easily use ready-to-use tools without investing time and resources up front to create their own unique attack plan.
For experienced cyber criminals, creating and selling a basket of attack solutions as a service offers a simple and fast payment option. Going forward, subscription-based CaaS offerings could potentially provide additional revenue. In addition, the hostile actors will begin to leverage new attack mechanisms such as deep-fake and offer the videos and audio recordings and related algorithms for purchase more widely.
Collecting intelligence as a service
Another aspect regarding the way in which the organized nature of cybercrime will enable the use of more effective attack strategies includes the future of intelligence gathering.
As attacks become more targeted, it appears that threat actors will likely hire dark web “detectives” to gather intelligence about a specific target before launching an attack.
Similar to the insights you get when hiring a private investigator, Reconnaissance-as-a-Service offers will provide an attack map and include the organization’s security map, the primary cybersecurity team, the number of servers in the organization, known external vulnerabilities, and leaked personal information for the purpose sale and to help the cybercriminals carry out a targeted and effective attack.
Money Laundering as a Service (LaaS)
To aid the growth of cybercrime organizations, the heads of the organizations and partner programs employ money launderers who knowingly or unknowingly are used to launder money. Money laundering is often done through anonymous money transfer services or through the exchange of cryptocurrencies to avoid detection.
Setting up fundraising campaigns for money launderers is a time-consuming process, with the criminals going to great lengths to create websites for fake organizations and subsequent job listings to make their businesses appear genuine. Soon, cybercriminals will start using machine learning for targeted recruitment, which will help them better identify potential money launderers, while reducing the time to find them.
Manual money laundering campaigns will be replaced by automated services that transfer funds through layers of crypto conversion, making the process faster and harder to trace. Money Laundering-as-a-Service (LaaS) can quickly become popular as part of the cybercrime-as-a-service portfolio.
For the organizations or individuals who fall victim to this type of cybercrime, the move to automation means that money laundering will be harder to detect, reducing the chances of recovering the stolen funds.
Virtual cities and online worlds
The Metaverse brought new experiences, which are fully embedded in the online world and virtual cities are among the first to rush into this new version of the Internet, driven by augmented reality technologies. Retailers are even launching digital goods available for purchase in these virtual worlds.
While these new online targets open up a whole world of possibilities, they also open the door to an unprecedented rise in cybercrime in unfamiliar territory. For example, an individual’s avatar is a gateway to sensitive personal information (PII), making it a prime target for attackers.
Since private individuals can purchase goods and services in the virtual cities – digital wallets, cryptocurrency exchange, NFT and other currencies used to make transactions, offer the threat actors another evolving attack surface.
Biometric hacking can also become a real possibility because of AR and VR-powered components of the virtual cities, making it easier for cybercriminals to steal fingerprint mapping, facial recognition data or retinal scans and use them for malicious purposes. In addition, the applications, protocols, and transactions in these environments are all potential targets.
File deletion software
The Wiper malware made a dramatic comeback in 2022, as attackers introduced new versions of the decade-old attack method. According to FortiGuard Labs’ Global Threat Map report for the first half of 2022, an increase in disk-wiping malware was seen at the same time as the war in Ukraine, but the software was also detected in 24 other countries and not only in Europe.
The increase in the prevalence of the Wiper software is worrying because it could be just the beginning of something more destructive. Beyond the existing reality of threat actors who combine a computer worm with malicious deletion software and even ransomware for maximum effect, the future concern is turning the malicious deletion software into an accessible consumer product for cybercriminals.
Malware that was uploaded
To be developed and implemented by hostile elements under the auspices of the state, may reach and be reused by criminal groups through the cybercrime as a service model. Given its wide availability along with proper usage, the malware removal software can cause powerful destruction in a short period of time. This makes the detection time and speed of repair of the security teams of utmost importance.
December 29, 2022 Published by The Israel Defense News.