In the ever-evolving landscape of cybercrime, new trends and methods are constantly emerging to target organizations across various industries. The 2024 surveys shed light on the most pressing issues and findings related to the growing threat of cybercrime.
One of the significant trends highlighted in the surveys is the increase in social engineering scams targeting financial institutions in North America. Reports of such scams have surged by tenfold in 2024 compared to the previous year. While account-opening fraud has decreased due to the implementation of additional controls like behavioral biometric intelligence, there has been a notable triple increase in check and deposit fraud volumes.
Moreover, fraudsters have been reviving old tactics and incorporating modern technology to deceive consumers. Impersonating government agencies such as the USPS, FBI, and IRS, scammers have been successful in extracting substantial amounts from victims, with an average loss of $14,000 per victim in the US during the first quarter of 2024. The losses from cash payments due to government impersonation scams have also seen a significant 90% increase between 2022 and 2023.
Another alarming trend is the exploitation of poorly configured cloud environments by cybercriminals. While certain malware families like Gafgyt, Mirai, and Bedevil have appeared less frequently, misconfigurations in platforms like Microsoft Azure and Google Cloud have left vulnerabilities for exploitation. The lack of customer-managed encryption in services like BigQuery has contributed to the recurring incidents of breaches.
Furthermore, the surveys indicate that a staggering 65% of websites remain unprotected against simple bot attacks, with both basic and advanced bot-driven attacks on the rise. Cybercriminals have been leveraging advanced tools and techniques to outpace traditional defense mechanisms, particularly in regions like Europe where website protection is lacking.
As the threat landscape continues to evolve, the use of Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools by cybercriminals has become prevalent. Ransomware strains like Akira, Lockbit, and Black Basta have been identified as major threats impacting organizations. Additionally, identity document fraud techniques like selfie spoofing have gained traction, contributing to a significant percentage of fraudulent verifications.
In conclusion, the 2024 surveys underscore the escalating sophistication and diversification of cybercrime tactics, emphasizing the need for organizations to enhance their cybersecurity measures to combat these evolving threats effectively. With cybercriminals constantly adapting and innovating, staying vigilant and proactive in identifying and addressing vulnerabilities is paramount in safeguarding against the pervasive and costly impact of cybercrime.