Coming Your Way - The Top Cyber Crimes In 2023

Uploaded on 2023-01-25 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

Cyber security experts have warned that 2023 could usher in a new era of concerns over cyber attacks, which are expected to rise sharply this year as new threats emerge faster than ever and with the rapid  expansion  of digital technologies, the nature of crime has been transformed. 

A rapid increase in cyber crime has become a visible, expanding trend that has been affecting a variety of industries, governments and organisations. 

Factors such as the increasing extensive global connectivity, widespread sharing of data among devices and reliance on weak security networks will rapidly increase these attacks. Crime potentially becomes more lethal and untraceable and some cyber security expert are warning about the new nature and domains of cyber-crime in 2023. Here are some of the cyber crime examples:

Phishing Attacks

Phishing attacks soared in 2022, with international consortium and fraud prevention group the Anti-Phishing Working Group (APWG) reported a total of almost 3.4 million phishing attacks in the first nine months of 2022. 
There were 1,025,968 attacks in Q1, 1,097,811 attacks in Q2 and 1,270,883 attacks in Q3, with each quarter breaking the record as the worst quarter APWG has ever observed.

Ransomware Threats 

Ransomware attacks, which threaten to compromise a user's personal data or block access to it until a ransom is paid, are as old as the Internet itself. However, experts are warning that the old tactic is expected to become a bigger threat in 2023, with cyber criminals adapting to the tools people have depended on to keep them safe.

 Hospital Cyber Attacks

Hospitals are targeted by cyber criminals because they have valuable personal and financial information about patients and because the consequences of a successful attack can be severe. In a cyber attack on a hospital system, the attacker may try to gain unauthorised access to the hospital’s computer systems and steal or manipulate data, disrupt the operation of medical devices, or disrupt the delivery of healthcare. 

The attack may also involve ransomware, where the attacker holds the hospital’s data hostage and demands a ransom to restore access.

It is important for hospitals to have strong cyber security measures in place to protect against cyber attacks. This may include measures such as firewalls, antivirus software, and secure passwords, as well as ongoing training for staff on how to recognise and prevent attacks.

QR Code Scanning

Scanning a QR code has the potential to compromise your personal data if the QR code is linked to a malicious website or if it is used to steal your personal information. It’s important to be cautious when scanning QR codes, especially if they are from unfamiliar sources. It’s also a good practice to check the URL of the website that the QR code leads to, to make sure it is a legitimate website and not a phishing site or other type of scam.

You should also use a QR code scanner app that checks for safety and has some sort of building security checks, also updating your device and QR scanner app on regular basis will make sure you have the latest security patches. It’s a good practice to avoid scanning QR codes from untrusted sources and only scan QR codes from sources that you know and trust.

Supply Chain Attacks

In a supply chain cyber attack, attackers typically target the systems and networks that companies use to manage and track their inventory, orders, and shipments. Attacks on a supply chain can have significant consequences for the affected organisations and their customers. These types of attacks can disrupt the flow of goods and services, leading to delays, lost revenue, and potentially even damage to a company’s reputation. For example, an attacker might target a company’s Enterprise Resource Planning (ERP) system, which is used to manage inventory and production, or a transportation management system (TMS), which is used to track shipments and deliveries.

The attacker can gain access to these systems through a variety of methods, such as exploiting vulnerabilities in software, phishing scams, or other forms of social engineering. 

Once they have access, they can steal sensitive information such as customer data, financial data, and intellectual property, or disrupt the normal operation of these systems. This can lead to delays in deliveries, stakeouts, and unplanned downtime in production.

It’s important for organisations to take steps to protect their supply chains from cyber attacks, by implementing measures such as security awareness training for employees, regular security audits and penetration testing, and the use of advanced security technologies such as firewalls, intrusion detection, and prevention systems, and security information and event management (SIEM) tools.

In addition, organisations should also be proactive in monitoring for signs of an attack and be ready with incident response plans, which can help minimize the damage of a successful attack and help with a faster recovery.

Electric Vehicles

An attack on an electric vehicle (EV) can have serious consequences, potentially compromising the safety and privacy of the vehicle’s occupants, as well as the integrity of the EV’s systems and networks. One way that attackers may target an EV is by exploiting vulnerabilities in the vehicle’s electronic control units (ECUs), which are the computer systems that control various aspects of the vehicle, such as the powertrain, brakes, and steering. 

Attackers could potentially take control of these systems and manipulate the vehicle’s behavior, potentially causing accidents or other dangerous situations.

Another way attackers may target an EV is by exploiting vulnerabilities in the vehicle’s communication systems, such as the onboard diagnostics (OBD) port, or wireless connectivity systems, such as Bluetooth or cellular networks. This can allow attackers to gain access to the vehicle’s systems and data and potentially steal sensitive information such as location data, driving history, and personal information of the occupants.

To mitigate the risk of cyber attacks on EVs, it’s important for manufacturers to design and build vehicles with security in mind. This includes the use of secure coding practices, regular software updates to address known vulnerabilities, and the use of robust security protocols to protect the vehicle’s communication systems.

It’s also important for EV owners to be aware of the risks and take steps to protect their vehicles. This can include keeping their vehicles’ software up to date, being cautious about connecting their vehicles to unfamiliar networks or devices, and not leaving sensitive information such as personal data in the vehicle.

As the trend of Electric cars is getting more popular and advancement in technology is increasing, cyber security in EVs will be a crucial area to ensure the safety and security of both vehicles and their occupants.

Electricity Grids

A cyber attack on an electric grid can have serious consequences, potentially causing widespread power outages and disruptions to the electricity supply. Electric grids are complex systems that rely on many interconnected components, including power generators, transmission and distribution systems, and control systems.

One way that attackers may target an electric grid is by exploiting vulnerabilities in the control systems, such as Supervisory Control and Data Acquisition (SCADA) systems and other industrial control systems (ICS) that are used to monitor and control the grid. Attackers can use malware, phishing scams, or other techniques to gain access to these systems and manipulate the grid’s behavior, potentially causing power outages or other disruptions to the electricity supply.

Another way that attackers may target an electric grid is by exploiting vulnerabilities in the communications systems that are used to transmit data and control signals between distinct parts of the grid. This could include exploiting vulnerabilities in the networks that connect power plants, substations, and other grid components, or by targeting the systems used to manage the grid’s transmission and distribution systems.

To mitigate the risks of attacks on electric grids, it’s important for utilities and grid operators to take a proactive approach to cyber security. This includes implementing robust security measures such as firewalls, intrusion detection and prevention systems, and SIEM tools. Additionally, regular security audits, penetration testing, and employee training on cybersecurity are important.

It’s also important for government agencies, utilities, and grid operators to work together to share threat intelligence and coordinate incident response efforts. 

Furthermore, Industry Standards and regulations such as NIST-CIP, IEC62443, and others provide guidelines for protecting industrial control systems like those used in the electric grid. Given the critical importance of electric grids to our daily lives, ensuring their cyber security is a vital step towards protecting our communities and infrastructure from potential cyber threats.

Thales:     Modern Diplomacy:    APWG:    CSHub:     National News:     ASTRA:    Fox News

You Might Also Read: 

Five Data Security Trends Organisations Must Deal With:  

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Who Foots the Bill For A Data Breach? 
Preventing Ransomware Attacks Begins With You »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CERT.hr

CERT.hr

CERT.hr is the national authority competent for prevention and protection from computer threats to public information systems in the Republic of Croatia.

National Defence Radio Establishment (FRA) - Sweden

National Defence Radio Establishment (FRA) - Sweden

The National Defence Radio Establishment (Försvarets Radioanstalt), is the Swedish national authority for Signals Intelligence, also providing Information assurance services to government authorities.

StationX

StationX

StationX is a leading provider of cyber security training, consultancy and services.

Matta

Matta

Matta is a cyber security consulting company providing information security services and solutions including vulnerability assessments, penetration testing and emergency response.

CARICERT

CARICERT

CARICERT is the National Cyber Emergency Response Team of Curacao in the Caribbean.

Sternum

Sternum

Sternum provides reliable and effective endpoint security for any IoT device, using robust technology and seamless integration.

Ecubel

Ecubel

Ecubel is the market leader in Belgium in buying and selling used IT harware guaranteed by a certified data erasure.

Curricula

Curricula

Curricula's cyber security awareness training delivers short relatable security stories to your employees. We make learning cyber security simple and fun.

Cynance

Cynance

Cynance are an award-winning, independent cyber security specialist and part of the Transputec family of companies.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

Innovex Global

Innovex Global

Innovex is a full-service executive search and advisory business that engages with early-stage startups, scale-ups, and established businesses in the Fintech, Cybersecurity and Technology industries.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

Advantage

Advantage

Advantage exists to provide peace of mind in an evolving technology reliant world. We were created by visionaries who for nearly 4-decades have been passionate about providing world-class solutions.

Infosys

Infosys

Infosys is a global leader in consulting, technology and outsourcing solutions.. Services include IT strategy, technical architecture and operations including cybersecurity.

Fusion5

Fusion5

Fusion5 is a leading ANZ Business Services and IT Solutions provider. Our customers trust us to make their potential reality by providing advisory, IT project deployment, and managed services.