Cyber-crime is low-risk and can be profitable, so it’s no surprise that it is booming around the world. As businesses react and develop strategies to combat it, criminals adopt more sophisticated methods to stay ahead of the game. Cyber-crime has become an agile, globalised industry that is evolving to evade security systems and becoming harder to detect.
As the industry is having to be creative in finding new ways to prevent attacks, cyber criminals are creating new threats. Whether it’s spear phishing to target particular individuals, using ransomware to extort money from organisations or banking trojans to harvest online customers’ details, new and innovative approaches are being deployed.
The AI arms race
Artificial intelligence has the potential to revolutionise our relationship with technology. Machine learning enables systems to learn and make decisions on our behalf, opening up a world of possibilities.
Where cyber-crime is concerned, AI presents both problems and solutions. On the plus side, advances in malware detection have led to the development of threat-hunting technology. This uses good-behaviour modelling to identify malicious activity. On the downside, cyber-criminals are turning to AI to power malware. This malware can mimic normal behaviour and maximise income from any given environment.
Hackers have used AI to target and impersonate key senior executives. By issuing instructions to subordinates, money has been transferred to accounts which they have taken control of.
IoT devices are vulnerable to malware attacks and can be used as an infiltration point. In one incident, hackers gained access to an entire computer system via a CCTV camera outside the building using source code available online.
Supply chain attacks
A typical supply chain can involve different companies of varying sizes sharing information. While top businesses are likely to have comprehensive protection in place, this is often not the case with small suppliers at the bottom of the chain. Hackers are using these weak links to gain access to the whole chain via shared systems.
In a world of smart devices, where everything is connected, the opportunities for hackers are vast. Hospitals, utilities, transport, industry, the list of potential targets is huge. Anything that is computer-controlled or monitored by sensors is vulnerable. Many devices have inept security and cyber-hackers can use them to gain access to systems.
Around the world, various attacks have taken place on critical infrastructure including power grids, dams and nuclear plants. These attacks strive to cause physical damage and it doesn’t take a great leap of imagination to see the potential for widespread devastation by terrorists or hostile nations.