Cybercrimes

Chris Swagler | February 15th, 2023

 

Cybersecurity experts are warning that the threat landscape is entering a new era of concern over cyberattacks and cybercrimes, which are likely to increase substantially this year as new threats emerge faster than ever before. Various causes are driving the increase in cyberattacks: the Russia-Ukraine war, the ease of malware distribution, cryptocurrency payment options, and global food insecurity. The warning comes as 2023 appears to be on track to be a record-breaking year for cyberattacks. According to threat intelligence, the global yearly cost of cybercrimes could exceed $8 trillion by the end of 2023. However, that number may even underestimate the problem, because United States-based financial institutions alone lost around $1.2 billion in ransomware attacks, representing an almost 200% increase over the previous year. If that rate continues to rise, global cybercrimes could cause damages reaching $16 trillion. Financial institutions, however, aren’t the only targets for cybercriminals, who are using new technologies and exploiting weaknesses in systems to target everyone from small businesses to individuals. With cybercrimes expected to skyrocket in 2023, here are five cybercrimes to be vigilant about this year.

Five Cybercrimes in 2023

Scanning QR Codes Can Compromise Personal Data

QR codes, which are intended to swiftly send data, including shipping information or restaurant menus, have become a regular sight for smartphone users. Experts warn, however, that malicious QR codes are on the rise, possibly exposing users to dangerous websites that collect their personal data or allow threat operators to track their every move through geolocation-enabled apps. An FBI warning about the growing threat explains that cybercriminals are tampering with both digital and physical QR codes, replacing legitimate codes with malicious ones. According to the FBI, the malicious code can direct users to fake websites or applications and ask them to provide log-in or banking information, allowing threat operators to easily steal money. Malicious QR codes can have embedded malware, allowing cybercriminals to obtain access to victims’ mobile devices and steal victims’ locations along with personal and financial information. With stolen bank information, cybercriminals can withdraw money from victims’ accounts. To avoid becoming a victim, the FBI recommends that smartphone users never download an app when urged to do so after scanning a QR code. Additionally, the agency advises remaining cautious about what links QR code scans lead users to open and never using third-party applications to scan codes, instead using their smartphones’ built-in QR code scanning function.

Ransomware Threats Are Expected to Increase

Ransomware attacks that threaten to breach or prevent access to users’ personal data until the ransom is paid are almost as ancient as the internet. Experts warn, however, that the old method is anticipated to become a bigger concern in 2023, as threat operators adapt to the technologies people rely on to keep them safe. According to a 2022 cyberthreat report, ransomware is worsening, even more than projected. The global ransomware damages are estimated to exceed $30 billion. Another report found that approximately 73% of companies were targets of at least one ransomware attack in 2022, up from 55% in 2021. The increased complexity in IT continues to result in breaches and compromises, emphasizing the need for more holistic methods of cyber-protection. Currently, the threat landscape needs a multi-layered solution that integrates anti-malware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities.

Targeting Vulnerable Links in the Supply Chain

During the COVID-19 pandemic, global supply chains were severely hampered and have been slowly recovering. However, 2023 will put them to the test once more as cybercriminals attempt to exploit their vulnerabilities. Four out of every five companies encountered challenges to their software supply chain in the previous year. The vulnerabilities can result in enormous costs, with 58% of the companies incurring operational disruptions and data loss, 55% experiencing intellectual property loss, and 49% experiencing financial loss. Companies are being warned to be vigilant in monitoring their own cybersecurity because the problem isn’t going away anytime soon. Unknown components and a lack of awareness of the software supply chain create blind spots harboring potential vulnerabilities that cause problems for numerous companies, including loss of data and intellectual property, operational downtime, and financial and reputational impact. Companies need to rely on more than trust to monitor and manage cybersecurity in their software supply chain.

Increasing Attacks on Electric Vehicles

With an increased global push to reduce emissions by moving to electric vehicles, resulting in a boom in the EV industry, electric vehicles have become increasingly mainstream in recent years. However, numerous vehicles have technology that’s vulnerable to cyberattacks, including vehicles’ displays, navigation, climate control, and autonomous driving functions. Because new cars and electric vehicles are more linked and automated, they’re more vulnerable to cybersecurity attacks. EVs don’t need to be more dangerous than modern ICE vehicles. To maximize performance, EVs will use the most modern electrical architecture, including connectivity, which can create higher risks.

Targeting Electrical Grids and Critical Infrastructure

Cyberattacks on the nation’s vulnerable electric grids can cause power outages and fuel shortages and cause energy production to suffer. Russia’s ongoing invasion of Ukraine has demonstrated how damaging cyberattacks on countries’ power infrastructure can be, forcing Ukraine’s civilian population into darkness and cold as terrible winter temperatures spread across the country. For years, experts have warned that the United States’ electrical grids are becoming increasingly vulnerable to cyberattacks, whether from state threat actors, including Russia, or international terrorist groups. Since 2015, the Pentagon’s Defense Advanced Research Projects Agency has been preparing for such scenarios, investing $118 million in the Rapid Attack Detection, Isolation, and Characterization Systems (RADICS) project. The program, which ran through 2020, allowed 15 utility companies to test for vulnerabilities and drill for attacks in realistic situations, which experts described as an eye-opening experience for companies. However, other analysts worry that the United States hasn’t done enough to prevent what can become devastating attacks.

With these five cybercrimes having the potential to cause a significant impact on industry sectors, it’s important for companies to remain vigilant about the current threat landscape and regularly update their network security infrastructure. At SpearTip, our certified engineers are continuously working at our 24/7/365 Security Operations Center monitoring companies’ data networks for potential cyberattacks. Additionally, our remediation experts work to restore companies’ operations, reclaim their networks by isolating malware, and recover business-critical assets. With our pre-breach advisory services, SpearTip will examine companies’ security posture to improve weak points in their networks and engage with their people, processes, and technology to measure the maturity of the technical environment. For all vulnerabilities we uncover, our experts will provide technical roadmaps ensuring companies have the awareness and support to optimize their overall cybersecurity posture. Our ShadowSpear Platform, an integrable managed detection and response tool, uses comprehensive insights through unparalleled data normalization to detect sophisticated unknown and advanced cyber threats.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.


Frequently Asked Questions

What specific steps can individuals take to protect themselves from the top 5 cybercrimes mentioned in the article?

Best practices that individuals can follow to safeguard against cybercrimes include using strong and unique passwords, enabling two-factor authentication, being cautious of phishing scams, keeping software and operating systems up to date, and avoiding public Wi-Fi networks.

Are there any emerging cybercrimes that may pose a significant threat in the near future, beyond those listed in the article?

Cybercrime is a constantly evolving threat landscape, and new types of attacks are always emerging. Some potential emerging cybercrimes that could pose a significant threat in the near future include deepfake attacks, ransomware attacks targeting critical infrastructure, and attacks targeting internet of things (IoT) devices.

How do cybercriminals typically gain access to sensitive information or networks, and what measures can organizations implement to mitigate these risks?

Some common methods that cybercriminals use to gain access include phishing attacks, social engineering tactics, exploiting vulnerabilities in software or systems, and using malware. Organizations can implement a range of measures to mitigate these risks, including conducting regular security assessments, implementing strong access controls, using encryption to protect sensitive data, and training employees on how to recognize and respond to security threats.
