Top 5 cybercrime trends to watch in 2023

The end of the year is often a time of reflection, but for businesses, it’s also a time for preparing for the challenges and opportunities that lie ahead. The constantly evolving nature of security, privacy, and regulatory compliance often ends up leading that conversation, for good reason. In today’s post, we’ll look at some of the trends expected to shape the world of cybercrime in 2023.

Multichannel phishing scams became a top concern during the pandemic, with cyberattackers being quick to exploit the rapidly emerging vulnerabilities that came with having everyone work from home. However, with the hybrid work model now being well-established as the new norm, it’s safe to assume that multichannel phishing scams will also become more prevalent.

When it comes to mitigating the ever-pervasive risk of social engineering scams, cybersecurity teams often focus on protecting email, sometimes at the expense of other channels. Criminals are well aware of this, which is why they’re increasingly focused on getting potential victims off email and onto instant messaging apps and other channels. These channels often lack the necessary monitoring, making it difficult to track and mitigate social engineering attacks.

Perhaps one of the most concerning trends emerging in the world of cybercrime is the misuse of artificial intelligence and machine learning. It’s likely just a matter of time before emerging AI-powered technologies like voice cloning and deepfake images and videos become common weapons in the cybercriminal’s arsenal. After all, the past year has seen immense progress in the space, making it even harder to tell apart the real from the fake.

So-called synthetic media, such as AI-generated images and highly convincing chatbots, are evolving rapidly as subdomains of AI and ML. As with most technological developments, it has its legitimate and artistic uses too, but it’s also prone to misuse, especially given the regulatory landscape is unable to keep up.

No longer does the risk of receiving a phone call from someone who sounds like a colleague, but who’s actually an impersonator, belong to the realm of science fiction. In fact, the threat is real enough for the FBI to release a public warning. We’ve already seen highly convincing deepfake videos as well, with anyone now able to create a deepfake with nothing more than a photo of the individual they want to impersonate.

As every cybersecurity professional knows, every device with an internet connection is another potential weak point in a network. In today’s hybrid work environments, that includes a growing multitude of business and employee owned mobile devices, internet-of-things (IoT) devices, virtualized assets hosted in the cloud, and individual apps themselves.

Given this rapid expansion of attack surfaces, the castle-and-moat approach to cybersecurity is no longer enough. Today, cybersecurity teams need to shift the focus more to account- and application-level security to protect them from hackers, malware, and social engineering. For example, popular apps like WhatsApp and Slack, despite their increasingly important role in the modern workplace, exist outside your local in-house environment, making them harder to monitor and control. At the same time, you can hardly run a modern business without modern communications, which is why it’s important to find a way to use such tools without adding risk to your business.

Over the past few years, cybercriminals have enjoyed enormous success with the ransomware-as-a-service model (RaaS), which mimics the practices of legitimate SaaS businesses, albeit to launch ransomware attacks at scale. However, ransomware is far from the only threat doing the rounds on the dark web. Many other forms of crime-as-a-service, or CaaS, are starting to emerge too.

CaaS is dangerous because it effectively crowdsources cybercrime by allowing those lacking in technical skills themselves to participate. Over the next few years, we can expect dark web crime syndicates to offer a broader range of ‘services’, including turnkey, subscription-based offerings involving the sale of pre-compromised assets, such as stolen WhatsApp accounts or sets of login credentials.

Another emerging area of dark web cybercrime is reconnaissance-as-a-service, where threat actors hire individuals to gather information on their potential targets. In many ways, these so-called pre-exploitation services mimic the practices of market research firms but, instead of looking for potential customers, they’re looking for unwitting victims.

While we’re on the topic of organized cybercrime, we certainly can’t afford to ignore the rapid rise of state-sponsored attacks. With the digital realm now undeniably being the fifth theater of war, the risk of highly sophisticated attacks launched by groups funded by rogue states is higher than ever. Soaring global tensions in the wake of Russia’s illegal invasion of Ukraine are a key driver of the increase, which will almost undoubtedly continue to be the case next year and beyond.

A common mistake among business leaders is to think that, so long as they’re not involved in the critical infrastructure, defense, or government sectors, they’re not likely targets for attacks that are typically politically or militarily motivated. Unfortunately, they’d be wrong. Such attacks can target any company, especially high-value businesses, organizations that handle sensitive information belonging to political figures, and those with active government contracts. Rarely do state-sponsored attackers go directly for the obvious targets – they usually look for easier ways somewhere down the supply chain.

Cybersecurity is really just an endless race between cybercriminals and their potential victims as either side strives to leverage technology to their advantage. While the human element is and likely always will be the weakest link in security, innovations like artificial intelligence and automation help attackers launch their malicious campaigns at a scale that wasn’t possible before. Businesses need to deploy similar technologies in order to keep up.

When it comes to mitigating risk, business leaders must continuously reevaluate their security strategies. This requires understanding the evolving lifecycle of cyberattacks, particularly with regard to how social engineering often plays a central role from the very outset. To stay safe both now and tomorrow, they need to focus on educating their employees and maintaining strict policies concerning how they monitor and govern business communications.