The evolution of cybercrime. Analysis, trends and forecasts 2023.
• Group-IB has published an annual flagship report on current trends in cybersecurity and forecasts of the evolution of the threat landscape. In short, the direction of ransomware will retain its leadership in the ranking of cyber threats to business.
• Recall that the most active groups in 2022 were Lockbit, Conti and Hive. In 2023, only the strongest will remain in the game, and the smaller and less experienced ones will disintegrate.
• The number of resources where attackers publish stolen company data for more effective pressure on the victim increased by 83% in 2022, reaching 44. According to information from Group-IB, data of 8 victims attacked by cryptographers appear on such sites every day, and in total, data of 2,894 companies were posted in public access.
• As before, the majority of ransomware attacks were on companies in the United States. However, last year, the number of ransom attacks for decrypting data on businesses in the RU segment tripled. The record for the amount of the ransom was set by the OldGremlin group, demanding 1 billion rubles from the victim.
• A new way to gain access to the infrastructure of companies is the use of stillers — malware to steal data from infected computers and smartphones of users. In total, Group-IB found 380 brokers selling access to the compromised infrastructure of companies that published more than 2,300 offers on darknet forums. In 2022, the market of access sellers in the darknet has more than doubled, while the average price of access has halved. Most often, attackers sell their “goods” in the form of access to VPN and RDP (remote desktop protocol).
• In 2022, data stolen with the help of stillers entered the top 3 of the best-selling “goods” on the darknet, along with the sale of access and text data of bank cards (owner's name, card number, expiration date, CVV).
• In 2023, experts predict an increase in leaks. The vast majority of databases of Russian companies were laid out in 2022 on underground forums and thematic Telegram channels for public access for free.