Hyper-professionalism, increasingly sophisticated cyberattacks, the struggle for talent – these are, according to Stormshield experts, the main trends that will appear in cybercriminals this year. Experts also predict an increase in the use of zero-day vulnerabilities. The situation with Log4Shell vulnerabilities will be a stimulus.
Online threats: phishing is not the only thing that disturbs the peace
From this text you will learn, among others:
What will be the most important trends in the environment of cybercriminals that will mark their presence?
What characterizes the ERP environment created by cybercriminals?
Why is it worth paying attention to Zero Day vulnerabilities?
According to experts from Stormshield, a European leader in the IT security industry, in 2021, cybercriminal groups have entered a real phase of consolidation of their structures. The ecosystem of ransomware groups is based on people with a variety of specialties, from developers to access providers and data vendors. According to experts, the assessment of ransomware against the Software as a Service has certainly increased in recent months, despite the so-called Ransomware Service as a criminal publication.
Cybercriminals are professionalizing themselves
Cybercriminals create a comprehensive management system for such a “company” with a kind of ERP environment, ie platforms that manage attack tools, customer service conversations or ransom payment channels. These groups even set up their own arbitration tribunals to “judge” the dispute between the platform and the cybercriminals in the absence of payment, says Alexander Kostuch, a Stormshield expert. “We are dealing with an ecosystem that can be scaled up to allow ‘ordinary cybercriminals’ to carry out cyberattacks and take advantage of the profits they make,” Alexander Kostuch added.
More complex cyberattacks
In 2021, 62 percent will be registered. The number of ransomware cyberattacks has increased, but criminals have also focused on cyberattacks and the spread of spyware in supply chains. You can describe the past year in the context of the activities of cybercriminals.
According to Stormshield, the expected trend in 2022 is the increasing complexity of attacks. According to experts from the European leader in the IT security industry, one of the activities in the coming months will be to take advantage of Zero Day vulnerabilities, as the log4shell problem caused a lot of noise last year.
A loophole in the Log4J library allows attackers to install malware and remotely force a special program used to execute any command in the library, such as stealing confidential information. Log4j The maximum CVSS score classified by the General Weakness Assessment System was 10.
In December 2021, the government of the Canadian province of Quebec prematurely blocked 4,000 government websites to prevent this threat. At the same time, Microsoft’s cybersecurity teams said that cyber ransomware attacks that exploit the Zero Day vulnerability targeted Minecraft servers hosted by users of the popular video game. Companies that use open source software will play a major role in preventing such problems.
The Log4Shell problem will inspire more cybercriminal groups. We predict that attacks will increase using Zero Day vulnerabilities hidden in open source libraries. The operation of an open source software system means that all sections of the network are maintained by only a few volunteers. If large companies do not invest in the open source projects they use, patches will not be prepared in time to block detected critical errors. This, in turn, will facilitate cyber attacks on particularly sensitive areas of infrastructure, networks or data – comments Alexander Kostuch from Stormshield. – For example? TousAntiCovid, the most downloaded program in France in 2021. The Zero Day vulnerability identified in its code elements allows access to large amounts of health information. And keep in mind that the healthcare industry is one of the sectors that cybercriminals especially like – he adds.
Talent competition among cybercriminals
According to estimates, there is still a shortage of IT professionals in the market. Their shortage is estimated at hundreds of thousands of positions around the world. For example, in 2021, 700,000 people were planted in France. new jobs in this sector. At the same time, according to Microsoft in the field of cybersecurity, the shortage of specialists reaches 65 percent. In the United States, one-third of cybersecurity jobs remain unfilled.
Criminals have a similar problem. Creating new groups requires adequate human resources, their resources are limited. According to experts, this will have consequences.
The chronic proliferation of cybercrime groups is leading to a situation facing cybersecurity professionals. There is a need to hire new members. The limited resource of hack talent and the resulting increased competition for employees can even lead to attempts to draw people who have previously developed their skills and professional careers in the official market into the dark side, explains Stormshield expert.
International cooperation is bearing fruit
Along with the professionalization of the criminal environment, it is also being combated. In 2021, a number of police operations were carried out against cybercriminal groups. Although the reactions from countries, including international cooperation, are very rare, last year such cooperation made it possible to dismantle the Emotet botnet and the REVIL ransomware group.
Unfortunately, splitting these groups does not end there. Experienced cybercriminals are recruited by new environments. Between September and November 2021, three new groups were identified: Lockean, FamousSparrow and Void Balaur. As in the mythical hydra, new ones grow in place of the severed head. However, this does not release us from the obligation to fight this type of crime – concludes the expert Stormshield.