The incidence of cyberattacks globally increased by 125% in 2021 compared to 2020, posing a serious threat to businesses and individuals alike. Phishing continues to be the most prevalent form of cybercrime worldwide and is expected to continue this upward trend into 2022, showing that cybercrime is becoming more prevalent worldwide.
There was a report in 2021 that around 323,972 internet users were victims of phishing attacks, covering nearly half of all the individuals who were affected by data breaches. During the peak COVID-19 pandemic, around 220% of complaints of phishing were reported, further escalating cybersecurity risks.
Nearly one billion emails were exposed as well in 2021, which has affected approximately one in five users of the internet, with approximately 60 million emails being exposed. The constant exposure of sensitive information may have contributed to the prevalence of phishing attacks, which reinforces the importance of enacting stronger cybersecurity measures to reduce the risk of such attacks.
There have been numerous instances where criminal groups have deployed ransomware to disrupt business operations for extortion.
They have recently included threats concerning the exposure of their stolen data in their extortion strategies.
Now that this method is regarded as a standard practice, it has resulted in a significant increase in the amount of sensitive information that is publicized, which has resulted in such data becoming increasingly accessible, which presents opportunities for state intelligence agencies to obtain and utilize such data to their advantage.
The Mandiant Incident Response Group of Google recently released a report that indicated that in 2024, the organization worked to mitigate nearly four times as many cyber intrusions related to financially motivated groups as those related to nation-states. This report may help shed further light on the issue.
Despite the differences in motivation, cybersecurity experts have observed that the tactics, techniques, and procedures used by financially motivated cybercriminals and state-sponsored threat actors appear to be merging, potentially by design, together as they pursue their objectives.
In the opinion of Ben Read, Senior Manager at Google's Threat Intelligence Group, an expansive cybercriminal ecosystem has increased the number of state-sponsored hacking attacks, most likely because the ecosystem provides malware, exploits weaknesses, and, in some cases, facilitates broad-based cyber operations.
In the course of his speech, he pointed out that when outsourcing capabilities to third parties, they are frequently more cost-effective and offer greater functionality than when developed directly by governments.
According to a geopolitical perspective, a market-driven cyber attack can be just as damaging and disruptive as one orchestrated by a nation-state, underscoring the need for a comprehensive cybersecurity strategy that attracts as many resources as possible.
Cybercrime played a significant role in the COVID-19 pandemic. Businesses were compelled to change over to remote working environments rapidly as a result of the virus spreading, which created vulnerabilities in security protocols and network misconfigurations that were exploited by cybercriminals.
Consequently, malware attacks increased by 358% in 2020 and were 100 times greater than in the previous year as a result of the pandemic. Cybercrime victims per hour were also at an all-time high as a result of the epidemic.
Cybercrime victims have been reported to have fallen victim to cybercrime on an average of 53 persons every hour for the entire year of 2019. However, the number is projected to be 90 per hour for 2020, which reflects a surge of 69%.
It has been demonstrated that cybersecurity risks are increasing as a result of the rapid digital transformation resulting from the global health crisis in Pakistan. Cybercrime has become increasingly common in recent years in Pakistan, with financial fraud being the most common reported crime.
The number of financial fraud-related cybercrimes reported in 2020, out of 84,764 total complaints received, surpassed incidents of hacking (7,966), cyber harassment (6,023), and cyber defamation (6,004) by a margin of 20,218 victims.
Social media has further aggravated the problem as well, with the number of complaints submitted about financial fraud on these platforms increasing by 83% between 2018 and 2021. In 2021 alone, 102,356 complaints were filed, with 23% of the cases being linked to Facebook and one other social network.
As a consequence, cybercrime has also seen a sharp increase in India, with reported cases of cybercrime increasing significantly over the last few years.
In 2018, there were 208,456 reported incidents, and in the first two months of 2022, this number had already exceeded 212,485, which is significantly higher than the number of cases in 2018.
There is no doubt the pandemic triggered a steady rise in cybercrime incidents, which increased from 394,499 in 2019 to 1,158,208 in 2020 and to 1,402,809 in 2021 due to the pandemic.
In 2022, cybercrime in India is projected to increase by 15.3% from the first quarter to the second quarter, in addition to the number of websites that have been hacked in India, increasing from 17,560 in 2018 to 26,121 in 2020.
As Ransomware attacks have risen over the years, it has also become a major concern for Indian organizations, with 78% affected by these attacks in 2021, which resulted in 80% of them encrypting data, a number that is higher than the global average of 66% for attacks and 65% for encryption.
According to the Home Ministry, financial fraud continues to account for the largest percentage of reported incidents among cybercriminals in India, accounting for 75% of them between 2020 and 2023, reaching a peak at over 77% in that period.
As a result of joint sanctions imposed on Tuesday by the United States, the United Kingdom, and the Australian governments, security experts and experts are concerned about a Russian bulletproof hosting provider, Zservers. Zservers is suspected of facilitating ransomware attacks, including those orchestrated under LockBit.
There are certain applications that, according to the UK government, form part of an illicit cyberinfrastructure that facilitates cybercriminal activities, such as ransomware attacks, extortion, and storage of stolen data, and sustains the operations of cybercriminal businesses, which are responsible for such operations.
The British Foreign Secretary, David Lammy, has described Russia as a corrupt and implacable country characterized by its ruthlessness and corruption, stating that it is not at all surprising that some of the world's most notorious cybercriminals operate within its borders.
Russian intelligence agencies themselves have been reported to use these cybercriminal tools and services. Google's Threat Intelligence Group has highlighted that Russian military operations in Ukraine are being supported by criminal cyber capabilities as part of Russia's strategy for bolstering military operations.
There are several specific examples, including the Russian military intelligence unit Sandworm, also known as APT44, that utilizes commercial hacking tools for cyber espionage and disruption, and Moscow also uses the RomCom group to conduct espionage activities against Ukraine, a group normally associated with cybercrime.
It should also be noted that Russia is not the only country accused of blurring the line between state-sponsored hacking and crime.
The Iranian threat actors have been reported to use ransomware to generate financial resources. They are also known to engage in cyber espionage, while Chinese cyber espionage groups are known to also get involved in cybercrime as a means to complement their activities.
It is suspected that North Korea is a nation that actively exploits cyber operations for financial gain, and it heavily targets cryptocurrency exchanges and individual crypto wallets to generate revenue for its regime to support its nuclear programs.
The threat of cybercrime is on the rise, and the government is being urged to take stronger measures to combat it. In a recent report, the Google Threat Intelligence Group emphasized the critical importance of disrupting cybercriminal operations, emphasizing that cyber threats are becoming a major national security threat.
Google Threat Intelligence head Sandra Joyce recently issued a warning that cybercrime no longer needs to be seen as a minor issue and that considerable efforts are required to mitigate its impacts on international security going forward.
