Organisations must brace themselves for a hostile cyber environment in 2023, with cyber criminals packaging ransomware and other malware tools into as-a-service offerings that even novices can use to launch devastating cyberattacks, according to security giant Sophos' 2023 Threat Report.
The report explained that the industrialisation of ransomware has allowed ransomware “affiliates” to evolve into professional operations specialising in exploitation, with these groups specialising in gaining or purchasing access for anyone willing to pay.
“Criminal marketplaces such as Genesis enable entry-level cyber criminals to purchase malware and malware deployment services and sell stolen credentials and other data in bulk. Access brokers are increasingly selling vulnerable software exploits and credentials to other criminal organizations,” the report said.
Just as information technology (IT) companies have shifted to “as-a-service” offerings, so have cyber criminals. Access brokers, ransomware, information-stealing malware, malware delivery, and other elements of cybercrime operations have lowered barriers to entry for would-be cyber criminals.
“Using professional offensive-security tools, legitimate administrative and technical support software, malware-as-a-service, and other market-obtained exploits and malware, we've seen a convergence by actors around sets of tools, tactics, and practices that can no longer be associated with specific ransomware operations, state-aligned espionage, or other specific motives,” the report said.
In Lockton's latest research, technology and cybersecurity are the top risks facing chief financial officers (CFOs) as they feel increasingly exposed to nearly all categories since the first quarter of 2022. The recent cyberattacks have also shaken companies across Australia, compelling the Australian Prudential Regulation Authority (APRA) to intensify its supervision of its regulated entities.
Sophos is calling for active defence to prevent incursions from doing damage.
“There is no sure defence against all these threats,” it said. “Sophos continues to work to increase its capabilities to aid organisations of all sizes against the continually evolving threat landscape through endpoint and network defences and managed security operations services.”