Coming Your Way - The Top Cyber Crimes In 2023

Cyber security experts have warned that 2023 could usher in a new era of concerns over cyber attacks, which are expected to rise sharply this year as new threats emerge faster than ever and with the rapid  expansion  of digital technologies, the nature of crime has been transformed. 

A rapid increase in cyber crime has become a visible, expanding trend that has been affecting a variety of industries, governments and organisations. 

Factors such as the increasing extensive global connectivity, widespread sharing of data among devices and reliance on weak security networks will rapidly increase these attacks. Crime potentially becomes more lethal and untraceable and some cyber security expert are warning about the new nature and domains of cyber-crime in 2023. Here are some of the cyber crime examples:

Phishing Attacks

Phishing attacks soared in 2022, with international consortium and fraud prevention group the Anti-Phishing Working Group (APWG) reported a total of almost 3.4 million phishing attacks in the first nine months of 2022. 
There were 1,025,968 attacks in Q1, 1,097,811 attacks in Q2 and 1,270,883 attacks in Q3, with each quarter breaking the record as the worst quarter APWG has ever observed.

Ransomware Threats 

Ransomware attacks, which threaten to compromise a user's personal data or block access to it until a ransom is paid, are as old as the Internet itself. However, experts are warning that the old tactic is expected to become a bigger threat in 2023, with cyber criminals adapting to the tools people have depended on to keep them safe.

 Hospital Cyber Attacks

Hospitals are targeted by cyber criminals because they have valuable personal and financial information about patients and because the consequences of a successful attack can be severe. In a cyber attack on a hospital system, the attacker may try to gain unauthorised access to the hospital’s computer systems and steal or manipulate data, disrupt the operation of medical devices, or disrupt the delivery of healthcare. 

The attack may also involve ransomware, where the attacker holds the hospital’s data hostage and demands a ransom to restore access.

It is important for hospitals to have strong cyber security measures in place to protect against cyber attacks. This may include measures such as firewalls, antivirus software, and secure passwords, as well as ongoing training for staff on how to recognise and prevent attacks.

QR Code Scanning

Scanning a QR code has the potential to compromise your personal data if the QR code is linked to a malicious website or if it is used to steal your personal information. It’s important to be cautious when scanning QR codes, especially if they are from unfamiliar sources. It’s also a good practice to check the URL of the website that the QR code leads to, to make sure it is a legitimate website and not a phishing site or other type of scam.

You should also use a QR code scanner app that checks for safety and has some sort of building security checks, also updating your device and QR scanner app on regular basis will make sure you have the latest security patches. It’s a good practice to avoid scanning QR codes from untrusted sources and only scan QR codes from sources that you know and trust.

Supply Chain Attacks

In a supply chain cyber attack, attackers typically target the systems and networks that companies use to manage and track their inventory, orders, and shipments. Attacks on a supply chain can have significant consequences for the affected organisations and their customers. These types of attacks can disrupt the flow of goods and services, leading to delays, lost revenue, and potentially even damage to a company’s reputation. For example, an attacker might target a company’s Enterprise Resource Planning (ERP) system, which is used to manage inventory and production, or a transportation management system (TMS), which is used to track shipments and deliveries.

The attacker can gain access to these systems through a variety of methods, such as exploiting vulnerabilities in software, phishing scams, or other forms of social engineering. 

Once they have access, they can steal sensitive information such as customer data, financial data, and intellectual property, or disrupt the normal operation of these systems. This can lead to delays in deliveries, stakeouts, and unplanned downtime in production.

It’s important for organisations to take steps to protect their supply chains from cyber attacks, by implementing measures such as security awareness training for employees, regular security audits and penetration testing, and the use of advanced security technologies such as firewalls, intrusion detection, and prevention systems, and security information and event management (SIEM) tools.

In addition, organisations should also be proactive in monitoring for signs of an attack and be ready with incident response plans, which can help minimize the damage of a successful attack and help with a faster recovery.

Electric Vehicles

An attack on an electric vehicle (EV) can have serious consequences, potentially compromising the safety and privacy of the vehicle’s occupants, as well as the integrity of the EV’s systems and networks. One way that attackers may target an EV is by exploiting vulnerabilities in the vehicle’s electronic control units (ECUs), which are the computer systems that control various aspects of the vehicle, such as the powertrain, brakes, and steering. 

Attackers could potentially take control of these systems and manipulate the vehicle’s behavior, potentially causing accidents or other dangerous situations.

Another way attackers may target an EV is by exploiting vulnerabilities in the vehicle’s communication systems, such as the onboard diagnostics (OBD) port, or wireless connectivity systems, such as Bluetooth or cellular networks. This can allow attackers to gain access to the vehicle’s systems and data and potentially steal sensitive information such as location data, driving history, and personal information of the occupants.

To mitigate the risk of cyber attacks on EVs, it’s important for manufacturers to design and build vehicles with security in mind. This includes the use of secure coding practices, regular software updates to address known vulnerabilities, and the use of robust security protocols to protect the vehicle’s communication systems.

It’s also important for EV owners to be aware of the risks and take steps to protect their vehicles. This can include keeping their vehicles’ software up to date, being cautious about connecting their vehicles to unfamiliar networks or devices, and not leaving sensitive information such as personal data in the vehicle.

As the trend of Electric cars is getting more popular and advancement in technology is increasing, cyber security in EVs will be a crucial area to ensure the safety and security of both vehicles and their occupants.

Electricity Grids

A cyber attack on an electric grid can have serious consequences, potentially causing widespread power outages and disruptions to the electricity supply. Electric grids are complex systems that rely on many interconnected components, including power generators, transmission and distribution systems, and control systems.

One way that attackers may target an electric grid is by exploiting vulnerabilities in the control systems, such as Supervisory Control and Data Acquisition (SCADA) systems and other industrial control systems (ICS) that are used to monitor and control the grid. Attackers can use malware, phishing scams, or other techniques to gain access to these systems and manipulate the grid’s behavior, potentially causing power outages or other disruptions to the electricity supply.

Another way that attackers may target an electric grid is by exploiting vulnerabilities in the communications systems that are used to transmit data and control signals between distinct parts of the grid. This could include exploiting vulnerabilities in the networks that connect power plants, substations, and other grid components, or by targeting the systems used to manage the grid’s transmission and distribution systems.

To mitigate the risks of attacks on electric grids, it’s important for utilities and grid operators to take a proactive approach to cyber security. This includes implementing robust security measures such as firewalls, intrusion detection and prevention systems, and SIEM tools. Additionally, regular security audits, penetration testing, and employee training on cybersecurity are important.

It’s also important for government agencies, utilities, and grid operators to work together to share threat intelligence and coordinate incident response efforts. 

Furthermore, Industry Standards and regulations such as NIST-CIP, IEC62443, and others provide guidelines for protecting industrial control systems like those used in the electric grid. Given the critical importance of electric grids to our daily lives, ensuring their cyber security is a vital step towards protecting our communities and infrastructure from potential cyber threats.

Thales:     Modern Diplomacy:    APWG:    CSHub:     National News:     ASTRA:    Fox News

You Might Also Read: 

Five Data Security Trends Organisations Must Deal With:  

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Who Foots the Bill For A Data Breach? 
Preventing Ransomware Attacks Begins With You »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IX Associates

IX Associates

IX Associates is a UK based IT Integration business specialising in risk, compliance, eDefence, and network security solutions.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA) offer commercial insurance services including Cyber Liability insurance.

Fox-IT

Fox-IT

Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises.

Network Box

Network Box

Network Box is one of the world's leading Managed Security Service Providers.

Infopulse

Infopulse

Infopulse is a global provider of Software Engineering, Cloud & IT Infrastructure Management, and Cybersecurity services.

Emirates International Accreditation Center (EIAC)

Emirates International Accreditation Center (EIAC)

EIACI is the national accreditation body for the United Arab Emirates. The directory of members provides details of organisations offering certification services for ISO 27001.

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

Cybersecurity Manufacturing Innovation Institute (CyManII)

Cybersecurity Manufacturing Innovation Institute (CyManII)

CyManII was established to create economically viable, pervasive, and inconspicuous cybersecurity in American manufacturing to secure the digital supply chain and energy automation.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

1Kosmos

1Kosmos

1Kosmos provide Digital Identity and Passwordless Authentication for workforce and customers. Powered by advanced biometrics and blockchain technology.

CYDEF

CYDEF

CYDEF provides comprehensive, state-of-the-art cybersecurity protection that is accessible and affordable to organizations of any size.

Guardz

Guardz

Guardz helps small and growing businesses to go from zero or low cyber protection to having comprehensive security – in the quickest and most straightforward way.

Labaton Sucharow

Labaton Sucharow

Standing on the horizon of law and technology, our Cybersecurity and Data Privacy Practice helps to protect consumers who have been harmed by businesses’ failures to safeguard their customers' data.

Pango

Pango

Pango is a leading provider of digital consumer security solutions.