- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Domain of Application >
- Trend snippet: Increased sophistication and number of cyber-dependent attacks
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
Increased sophistication and number of cyber-dependent attacks
terms of the number of attacks reported but also in terms of the sophistication of attacks. Examples include malware, ransomware, and DDoS attacks. Cyber-dependent crime is likely significantly underreported. The rapidly progressing digitalisation of society and the economy constantly creates new opportunities for criminals involved in cyber-dependent crime. Businesses are increasingly the targets of cyberattacks. Public institutions, including critical infrastructures such as health services, continue to be targeted by cybercriminals.
Despite an increasing number of investigations into cyber-dependent crimes and other cybercrime activities, the number of criminal networks is low. One of the reasons could be that cybercrime involves many criminals operating individually and not in the framework of established networks.
The threat from cyber-dependent crime has been increasing over the last years, not only in terms of the number of attacks reported but also in terms of the sophistication of attacks. Cyber-dependent crime is likely significantly underreported. The rapidly progressing digitalisation of society and the economy constantly creates new opportunities for criminals involved in cyber-dependent crime.
Despite an increasing number of investigations into cyber-dependent crimes and other cybercrime activities, the number of criminal networks is low. One of the reasons could be that cybercrime involves many criminals operating individually and not in the framework of established networks.
Cyberattacks targeting citizens, businesses and critical infrastructure Cyber-dependent crime is any criminal activity that can only be committed using computers, computer networks or other forms of information communication technology (ICT). Such crimes are typically directed at computers, networks or other ICT resources. It includes the creation and spread of malware, hacking to steal sensitive personal or industry data, denial of service attacks to cause financial and/or reputational damage and other criminal activities. The threat from cyber-dependent crime has been increasing over the last years, not only in terms of the number of attacks reported but also in terms of the sophistication of attacks. Cyber-dependent crime is likely significantly underreported. Cyber-dependent crime causes significant financial loss to businesses, private citizens and the public sector each year through payments for ransomware, incident recovery costs and costs for enhanced cyber-security measures. Attacks to critical infrastructure have a significant impact and can potentially entail severe consequences, including loss of life. The rapidly progressing digitalisation of society and the economy constantly creates new opportunities for criminals involved in cyber-dependent crime. The steady increase in the number of users and connections creates new vulnerabilities and opens more potential victims to cyberattacks. During 2020, the COVID-19 pandemic has seen a surge in connections from private to corporate systems as telework became the norm in many sectors and industries. This development has made many corporate networks more vulnerable to cyberattacks. The availability of cybercrime services online as part of a crime-as-a-service business model makes cybercrime more accessible by lowering the technological expertise required to carry out these crimes.
Criminal services and tools such as malware, ransomware, DDoS and instructions to perform many types of attacks are offered online, often on the dark web. Cybercrime services and tools can be purchased by paying a user fee, a rental fee or even a percentage of the criminal profits. The affiliate model (also known as ransomware-as-a-service) allows ransomware developers and the cybercriminals that deploy the solutions to share the criminal profits. Developers offer technical expertise and support as service providers to affiliates who are often entry-level cybercriminals that identify and infect vulnerable targets.
Businesses are increasingly the targets of cyberattacks. Public institutions, including critical infrastructures such as health services, continue to be targeted by cybercriminals. A potential leak of data or service disruptions in these sectors could result in very high financial and social costs. The threat from cyber-dependent crimes is set to further increase in volume and sophistication over the coming years. Cybercrime is highly dynamic, exploiting rapidly advancing technologies. Critical infrastructures will continue to be targeted by cybercriminals in the coming years, which poses significant risks. Developments such as the expansion of the Internet of Things (IoT), the increased use of artificial intelligence (AI), applications for biometrics data or the availability of autonomous vehicles will have a significant impact. These innovations will create criminal opportunities. The performance of AI systems and applications relies on data sets. Malicious access to these data entails the disclosure of personal information. If AI is used in decision-making systems, the manipulation of data may have serious consequences for individual users. The criminal use of AI, including the exploitation of deepfakes, is expected to increase in the future. The incorporation of AI into existing techniques may widen the scope and scale of cyberattacks(13). The use of cryptocurrencies and the proliferation of anonymisation techniques, including encryption, will continue to grow. Cyber-dependent crime comprises a number of different attack techniques and modi operandi, which are constantly evolving in order to exploit previously unknown vulnerabilities. MALWARE Malware is a common type of cyberattack that uses malicious code to infiltrate and take over a computer, network or mobile device. Malware attacks aim to steal data and carry out identity theft, cause service disruptions and support espionage.
Cybercriminals deploying malware attacks are primarily driven by a profit motive and, to a lesser degree, attempts to build up their reputation in the hacking community. Malware is a widely used cybercrime tool. Malware constantly evolves and is highly diverse, existing in hundreds of thousands of variants. The EU’s cybersecurity agency ENISA reports the detection of 230 000 new strains of malware every day(14). RANSOMWARE Ransomware has been acknowledged as a key cybercrime threat for some years now. However, the number of attacks and the level of their sophistication continues to increase. The increase in the number of attacks on public institutions and large companies is particularly notable. DISTRIBUTED DENIAL OF SERVICE DDoS attacks are a well-known and persistent threat that are designed to disrupt or shut down a service/ network by overwhelming it. Cybercriminals orchestrate persistent attacks which might be followed by ransom requests offering to cease the attack in exchange for a payment. Cybercriminals now increasingly target smaller organisations with lower security standards(15). However, they continue to attack public institutions and critical infrastructures as well. CRIMINAL OFFENDERS Cybercrime is attractive to criminals due to the potential profits, limited risk of detection and prosecution, which if successful often only results in low sentences. Various types of criminals are involved in cyber-dependent crimes, ranging from structured criminal groups to lone offenders. Potential offenders without any specific expertise can also carry out cybercrime attacks by relying on tools and services available to them through crime-asa-service.