Cybercriminals could join with crime gangs for new profits

Cybercrime syndicates could change business models and join forces with real-world organised criminal groups and corrupt governments, a new report warns

The ransomware industry could be on the verge of a revolution that sees cybercriminals expand their empires or partner with hostile governments and organised crime groups, a new report warns.

Cybersecurity company Trend Micro’s new report The Near and Far Future of Today's Ransomware Groups highlights the history of ransomware and the key building blocks of modern attacks before proposing scenarios that show where threats may evolve.

“Change is the only constant in cybercrime, and sooner or later, economic and geopolitical forces may compel ransomware groups to adapt or die,” says Jon Clay, Vice President of Threat Research at Trend Micro. “Amidst this uncertain threat landscape, network defenders need platform-based security to provide visibility and control across all attack surfaces, including hybrid cloud infrastructure."

Attacks could be scaled up through automation

Threat actors will continue to evolve their attacks in response to corporate defensive strategies, law enforcement successes, and government sanctions, says Clay. This could include scaling up attacks through increased automation, targeting more IoT and cloud environments, improving professionalism and execution, and more effectively monetising attacks.

The report also predicts that ransomware actors will eventually be motivated to change their business models due either to the cumulative impact of relatively small changes or by more radical global factors. This could lead to them developing supply chain attacks, using stolen data for stock manipulation, selling more services to traditional organised crime syndicates, merging with other criminal groups, or even working with governments.

Trend Micro's report recommends companies take precautions by hardening internet-facing and internal corporate system, migrating to cloud services, focusing defensive efforts on detection and response and initial access vectors, strengthening government sanctions on major actors and facilitators, and regulating cryptocurrency to increase transparency, protect consumers against fraud and make money laundering harder.

There is no silver bullet to solve these challenges, says Clay, and as they emerge, network defenders and governments should tackle changes to cybercrime business models.

Share

Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI