Cybercrime outnumbers arms, drugs and human trafficking combined
Cybercrime now accounts for more than 1.5% of global GDP. It has reached the trillion-dollar mark, reaching a volume that adds up to that of the other three big economic "engines" in the world of crime: illegal arms trafficking, human trafficking and the illegal drugs market. In terms of its targets, it is aimed at all markets, but mainly at businesses, governments and administrations. Worse still, victims only become aware when there is little they can do.
Cybercrime organisations operate like any other business. In fact, their goals are the same: to reduce costs, increase revenues and improve efficiency and business continuity. So much so that some of them, such as the cybercriminal group DarkSide, even have a code of conduct.
Francisco Valencia, CEO of Secure&IT warns: "We are in a time of great political polarisation, armed conflicts, energy and food crises, economic inflation... All of this has meant that cybercrime has become a very viable option for many people, and the figures prove it: cybercrime moves almost twice as much money as drug trafficking, arms and human trafficking combined".
However, according to the deputy director of INCIBE's National Coordination Centre (NCC), Ignacio González, the general perception of users in our country is that they are less attacked: "In general, year after year, users think that they are less attacked. However, the real trend is increasing. In fact, the percentage of users who report having malware on their computers is very low, especially when compared to reality".
These are some of the cybersecurity issues that have been discussed at the conference "The responsibility of the company in the face of new cyber threats", organised by Secure&IT. It was made clear that the main objective of cybercriminals is to obtain information and money, generate political instability and destabilise the Western model, i.e. Europe and the USA.
Cybercrime today
In the cybercrime landscape, there are different profiles, but the main actors are: lone attackers, mercenaries who sell themselves to the highest bidder; organised crime, which includes organisations such as DarkSide, Revil, Anonymous, etc.; countries, such as Iran, Russia, China or North Korea, which seek a military, economic or political advantage and, to do so, hire many of these organised crime groups; and, finally, "insiders", i.e. employees, customers or suppliers whose attacks may be intentional or unintentional.
In terms of attack types, there is an increase in command and control attacks, attacks targeting OT, mobile devices and IoT, information theft with blackmail - the so-called "CEO fraud" -, credential theft and phishing, and especially ransomware with exfiltration.
One of the cybercriminal organisations that is spreading terror in RaaS (Ransomware as a Service) is LockBit. Its new LockBit 3.0 variant has become one of the malware with the highest number of victims worldwide. This ransomware automatically searches for its targets, spreads the infection and encrypts all accessible devices on a network. It is used to launch targeted attacks against organisations, with the aim of disrupting their activity, extorting them and stealing data for possible publication. In fact, Lockbit 3.0 is the malware that most worries the experts gathered at the Secure&IT conference.
During the conference, Jorge Bermúdez, Prosecutor attached to the Computer Crime Section of the Provincial Prosecutor's Office of Gipuzkoa, also analysed the case of the cyber-attack on the Judicial Neutral Point (PNJ). The attack was perpetrated by the hacker José Luis Huertas, alias Alcasec, who was recently released after being remanded in custody on charges of stealing and selling 1.5 million tax data of almost 600,000 taxpayers.
