Coming Your Way - The Top Cyber Crimes In 2023

Cyber security experts have warned that 2023 could usher in a new era of concerns over cyber attacks, which are expected to rise sharply this year as new threats emerge faster than ever and with the rapid  expansion  of digital technologies, the nature of crime has been transformed. 

A rapid increase in cyber crime has become a visible, expanding trend that has been affecting a variety of industries, governments and organisations. 

Factors such as the increasing extensive global connectivity, widespread sharing of data among devices and reliance on weak security networks will rapidly increase these attacks. Crime potentially becomes more lethal and untraceable and some cyber security expert are warning about the new nature and domains of cyber-crime in 2023. Here are some of the cyber crime examples:

Phishing Attacks

Phishing attacks soared in 2022, with international consortium and fraud prevention group the Anti-Phishing Working Group (APWG) reported a total of almost 3.4 million phishing attacks in the first nine months of 2022. 
There were 1,025,968 attacks in Q1, 1,097,811 attacks in Q2 and 1,270,883 attacks in Q3, with each quarter breaking the record as the worst quarter APWG has ever observed.

Ransomware Threats 

Ransomware attacks, which threaten to compromise a user's personal data or block access to it until a ransom is paid, are as old as the Internet itself. However, experts are warning that the old tactic is expected to become a bigger threat in 2023, with cyber criminals adapting to the tools people have depended on to keep them safe.

 Hospital Cyber Attacks

Hospitals are targeted by cyber criminals because they have valuable personal and financial information about patients and because the consequences of a successful attack can be severe. In a cyber attack on a hospital system, the attacker may try to gain unauthorised access to the hospital’s computer systems and steal or manipulate data, disrupt the operation of medical devices, or disrupt the delivery of healthcare. 

The attack may also involve ransomware, where the attacker holds the hospital’s data hostage and demands a ransom to restore access.

It is important for hospitals to have strong cyber security measures in place to protect against cyber attacks. This may include measures such as firewalls, antivirus software, and secure passwords, as well as ongoing training for staff on how to recognise and prevent attacks.

QR Code Scanning

Scanning a QR code has the potential to compromise your personal data if the QR code is linked to a malicious website or if it is used to steal your personal information. It’s important to be cautious when scanning QR codes, especially if they are from unfamiliar sources. It’s also a good practice to check the URL of the website that the QR code leads to, to make sure it is a legitimate website and not a phishing site or other type of scam.

You should also use a QR code scanner app that checks for safety and has some sort of building security checks, also updating your device and QR scanner app on regular basis will make sure you have the latest security patches. It’s a good practice to avoid scanning QR codes from untrusted sources and only scan QR codes from sources that you know and trust.

Supply Chain Attacks

In a supply chain cyber attack, attackers typically target the systems and networks that companies use to manage and track their inventory, orders, and shipments. Attacks on a supply chain can have significant consequences for the affected organisations and their customers. These types of attacks can disrupt the flow of goods and services, leading to delays, lost revenue, and potentially even damage to a company’s reputation. For example, an attacker might target a company’s Enterprise Resource Planning (ERP) system, which is used to manage inventory and production, or a transportation management system (TMS), which is used to track shipments and deliveries.

The attacker can gain access to these systems through a variety of methods, such as exploiting vulnerabilities in software, phishing scams, or other forms of social engineering. 

Once they have access, they can steal sensitive information such as customer data, financial data, and intellectual property, or disrupt the normal operation of these systems. This can lead to delays in deliveries, stakeouts, and unplanned downtime in production.

It’s important for organisations to take steps to protect their supply chains from cyber attacks, by implementing measures such as security awareness training for employees, regular security audits and penetration testing, and the use of advanced security technologies such as firewalls, intrusion detection, and prevention systems, and security information and event management (SIEM) tools.

In addition, organisations should also be proactive in monitoring for signs of an attack and be ready with incident response plans, which can help minimize the damage of a successful attack and help with a faster recovery.

Electric Vehicles

An attack on an electric vehicle (EV) can have serious consequences, potentially compromising the safety and privacy of the vehicle’s occupants, as well as the integrity of the EV’s systems and networks. One way that attackers may target an EV is by exploiting vulnerabilities in the vehicle’s electronic control units (ECUs), which are the computer systems that control various aspects of the vehicle, such as the powertrain, brakes, and steering. 

Attackers could potentially take control of these systems and manipulate the vehicle’s behavior, potentially causing accidents or other dangerous situations.

Another way attackers may target an EV is by exploiting vulnerabilities in the vehicle’s communication systems, such as the onboard diagnostics (OBD) port, or wireless connectivity systems, such as Bluetooth or cellular networks. This can allow attackers to gain access to the vehicle’s systems and data and potentially steal sensitive information such as location data, driving history, and personal information of the occupants.

To mitigate the risk of cyber attacks on EVs, it’s important for manufacturers to design and build vehicles with security in mind. This includes the use of secure coding practices, regular software updates to address known vulnerabilities, and the use of robust security protocols to protect the vehicle’s communication systems.

It’s also important for EV owners to be aware of the risks and take steps to protect their vehicles. This can include keeping their vehicles’ software up to date, being cautious about connecting their vehicles to unfamiliar networks or devices, and not leaving sensitive information such as personal data in the vehicle.

As the trend of Electric cars is getting more popular and advancement in technology is increasing, cyber security in EVs will be a crucial area to ensure the safety and security of both vehicles and their occupants.

Electricity Grids

A cyber attack on an electric grid can have serious consequences, potentially causing widespread power outages and disruptions to the electricity supply. Electric grids are complex systems that rely on many interconnected components, including power generators, transmission and distribution systems, and control systems.

One way that attackers may target an electric grid is by exploiting vulnerabilities in the control systems, such as Supervisory Control and Data Acquisition (SCADA) systems and other industrial control systems (ICS) that are used to monitor and control the grid. Attackers can use malware, phishing scams, or other techniques to gain access to these systems and manipulate the grid’s behavior, potentially causing power outages or other disruptions to the electricity supply.

Another way that attackers may target an electric grid is by exploiting vulnerabilities in the communications systems that are used to transmit data and control signals between distinct parts of the grid. This could include exploiting vulnerabilities in the networks that connect power plants, substations, and other grid components, or by targeting the systems used to manage the grid’s transmission and distribution systems.

To mitigate the risks of attacks on electric grids, it’s important for utilities and grid operators to take a proactive approach to cyber security. This includes implementing robust security measures such as firewalls, intrusion detection and prevention systems, and SIEM tools. Additionally, regular security audits, penetration testing, and employee training on cybersecurity are important.

It’s also important for government agencies, utilities, and grid operators to work together to share threat intelligence and coordinate incident response efforts. 

Furthermore, Industry Standards and regulations such as NIST-CIP, IEC62443, and others provide guidelines for protecting industrial control systems like those used in the electric grid. Given the critical importance of electric grids to our daily lives, ensuring their cyber security is a vital step towards protecting our communities and infrastructure from potential cyber threats.

Thales:     Modern Diplomacy:    APWG:    CSHub:     National News:     ASTRA:    Fox News

You Might Also Read: 

Five Data Security Trends Organisations Must Deal With:  

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Who Foots the Bill For A Data Breach? 
Preventing Ransomware Attacks Begins With You »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

Outpost24

Outpost24

Outpost24 provides easy to deploy and intuitive solutions to continuously identify, remediate and mitigate vulnerabilities in your network.

FireMon

FireMon

FireMon is the only agile network security policy platform for firewalls and cloud security groups providing the fastest way to streamline network security policy management.

Cloudbric

Cloudbric

Cloudbric is a cloud-based web security service, offering award-winning WAF, DDoS protection, and SSL, all in a full-service package.

Capita

Capita

Capita is a consulting, digital services and software business, providing end-to-end enterprise IT services and solutions focused around digital transformation and innovation.

Cambridge Intelligence

Cambridge Intelligence

Cambridge Intelligence are experts in network visualization and finding hidden trends in complex connected data. Applications include cybersecurity.

Gate 15

Gate 15

Gate 15 provide risk management services focusing primarily on information, intelligence and threat analysis, operational support and preparedness.

Cybellum

Cybellum

Cybellum provides software risk assessment for DevOps and security executives, by detecting vulnerabilities automatically, without source code.

VNT Software

VNT Software

VNT's vision is to change the way complex IT problems are resolved by predicting business disruptions before they occur.

adaware

adaware

adaware is an award-winning security and privacy software provider, empowering users to connect with confidence.

mPrest

mPrest

mPrest is a global provider of mission-critical monitoring and control solutions for the defense, security, utility and Industrial Internet of Things (IoT) sectors.

ODSC

ODSC

ODSC is a security systems integrator that provides services and expertise in identity management and access.

SOCOTEC Certification International

SOCOTEC Certification International

SOCOTEC Certification International has been providing management systems assessment and accredited ISO certification services to organisations around the world since 1995.

DivvyCloud

DivvyCloud

DivvyCloud protects your cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges.

link22

link22

link22 offers a high level of expertise within IT security and system solutions. We help public and private actors with highly secure IT-solutions.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.