Cryptocurrency fraud, attacks related to the war in Ukraine and Artificial Intelligence in the hands of cybercriminals
The number of cyber attacks increased by an average of 25% year-on-year, according to data from ComCERT of the Asseco Group. Security investment was on average one-third higher in most organizations. Experts emphasize that the situation in the previous year was affected by the war in Ukraine. As many as 85% of attacks came from outside, while 15% were internal threats. More than half of the attacks were undertaken by organized crime groups. Phishing and DDoS were the most common threats in 2022, together accounting for more than 80% of all cyber incidents.
ComCERT experts from the Asseco Group predict that the new year will be equally challenging at best. The war in Ukraine or the development of attackers’ competence and technology are just a few of the challenges that security specialists will have to face. They will be supported in the fight against threats by Artificial Intelligence (AI), which, however, is also being used successfully by cybercriminals. In response to the growing number of attacks, EU authorities are working on a regulation concerning the digital resilience of critical infrastructure.
The most important trends in the area of cyber security according to experts from ComCERT of the Asseco Group.
- Economic uncertainty will make it harder to fight cyber threats
In the new year, the fight against cyber threats will be extremely difficult. According to Krzysztof Dyki, president of ComCERT of the Asseco Group, there will be more attempted attacks, which has to do with the economic slowdown (investment restrictions causing greater risks) and the war in Ukraine. The expert emphasises that since the beginning of the outbreak of the armed conflict, cybercriminals have particularly often taken government institutions and critical infrastructure as targets, but they have not spared business either. The CISO (Chief Information Security Officer) and other security leaders should include in their plans, also financial ones, resources for threat intelligence activities to prevent current threats.
- More cryptocurrency scams to come
The collapse of the FTX exchange in November affected the entire cryptocurrency market. Many investors came under pressure due to the uncertainty of what happened to their money. Cybercriminals carrying out fraudulent cryptocurrency transactions see their opportunity in the biggest crisis in more than a decade. Krzysztof Dyki of the Asseco Group predicts an increase in their activity in the coming year. In addition, accelerating inflation and rising interest rates, as well as the economic slowdown, will contribute to more cryptocurrency fraud. This is because in such conditions more people are looking for favorable financial offers and often lose vigilance.
- Growing security in the financial sector
Not only the cryptocurrency market, but the entire financial industry is an attractive target for cybercriminals. Not surprisingly, the EU authorities are working on regulations to strengthen the security of organizations such as banks, insurance companies and investment funds. The Digital Operational Resilience Act (DORA) will introduce uniform requirements for the cyber security of networks and information systems of organizations operating in the financial sector. The changes will also extend to third parties providing IT-related services to them, such as cloud and business analytics. The member states will have to implement a national strategy to increase the resilience of critical entities, and will have to conduct a risk assessment at least once every four years. If the regulation is completed as early as 2023, covered entities will have to comply with the new requirements. Depending on the current state of cyber security systems, potential investments could significantly absorb both the IT team's time and put a strain on the organization's budget.
- Artificial intelligence (AI) - a weapon of both sides
Artificial Intelligence and Machine Learning have made a significant contribution to increasing the level of cyber security. These technologies play an important role in building systems responsible for detecting threats. The use of AI in the process of analyzing the security of code and software behavior allows to automate many activities and see how the operation of a particular application affects the entire organization. Unfortunately, Artificial Intelligence is also an effective weapon in the hands of cybercriminals. They use fictitious entities to purchase solutions based on it, or hack into the systems of legitimate organizations. They then take control of AI solutions and use them to test the capabilities of the malware they plan to exploit.