Coming Your Way - The Top Cyber Crimes In 2023

Uploaded on 2023-01-25 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

Cyber security experts have warned that 2023 could usher in a new era of concerns over cyber attacks, which are expected to rise sharply this year as new threats emerge faster than ever and with the rapid  expansion  of digital technologies, the nature of crime has been transformed. 

A rapid increase in cyber crime has become a visible, expanding trend that has been affecting a variety of industries, governments and organisations. 

Factors such as the increasing extensive global connectivity, widespread sharing of data among devices and reliance on weak security networks will rapidly increase these attacks. Crime potentially becomes more lethal and untraceable and some cyber security expert are warning about the new nature and domains of cyber-crime in 2023. Here are some of the cyber crime examples:

Phishing Attacks

Phishing attacks soared in 2022, with international consortium and fraud prevention group the Anti-Phishing Working Group (APWG) reported a total of almost 3.4 million phishing attacks in the first nine months of 2022. 
There were 1,025,968 attacks in Q1, 1,097,811 attacks in Q2 and 1,270,883 attacks in Q3, with each quarter breaking the record as the worst quarter APWG has ever observed.

Ransomware Threats 

Ransomware attacks, which threaten to compromise a user's personal data or block access to it until a ransom is paid, are as old as the Internet itself. However, experts are warning that the old tactic is expected to become a bigger threat in 2023, with cyber criminals adapting to the tools people have depended on to keep them safe.

 Hospital Cyber Attacks

Hospitals are targeted by cyber criminals because they have valuable personal and financial information about patients and because the consequences of a successful attack can be severe. In a cyber attack on a hospital system, the attacker may try to gain unauthorised access to the hospital’s computer systems and steal or manipulate data, disrupt the operation of medical devices, or disrupt the delivery of healthcare. 

The attack may also involve ransomware, where the attacker holds the hospital’s data hostage and demands a ransom to restore access.

It is important for hospitals to have strong cyber security measures in place to protect against cyber attacks. This may include measures such as firewalls, antivirus software, and secure passwords, as well as ongoing training for staff on how to recognise and prevent attacks.

QR Code Scanning

Scanning a QR code has the potential to compromise your personal data if the QR code is linked to a malicious website or if it is used to steal your personal information. It’s important to be cautious when scanning QR codes, especially if they are from unfamiliar sources. It’s also a good practice to check the URL of the website that the QR code leads to, to make sure it is a legitimate website and not a phishing site or other type of scam.

You should also use a QR code scanner app that checks for safety and has some sort of building security checks, also updating your device and QR scanner app on regular basis will make sure you have the latest security patches. It’s a good practice to avoid scanning QR codes from untrusted sources and only scan QR codes from sources that you know and trust.

Supply Chain Attacks

In a supply chain cyber attack, attackers typically target the systems and networks that companies use to manage and track their inventory, orders, and shipments. Attacks on a supply chain can have significant consequences for the affected organisations and their customers. These types of attacks can disrupt the flow of goods and services, leading to delays, lost revenue, and potentially even damage to a company’s reputation. For example, an attacker might target a company’s Enterprise Resource Planning (ERP) system, which is used to manage inventory and production, or a transportation management system (TMS), which is used to track shipments and deliveries.

The attacker can gain access to these systems through a variety of methods, such as exploiting vulnerabilities in software, phishing scams, or other forms of social engineering. 

Once they have access, they can steal sensitive information such as customer data, financial data, and intellectual property, or disrupt the normal operation of these systems. This can lead to delays in deliveries, stakeouts, and unplanned downtime in production.

It’s important for organisations to take steps to protect their supply chains from cyber attacks, by implementing measures such as security awareness training for employees, regular security audits and penetration testing, and the use of advanced security technologies such as firewalls, intrusion detection, and prevention systems, and security information and event management (SIEM) tools.

In addition, organisations should also be proactive in monitoring for signs of an attack and be ready with incident response plans, which can help minimize the damage of a successful attack and help with a faster recovery.

Electric Vehicles

An attack on an electric vehicle (EV) can have serious consequences, potentially compromising the safety and privacy of the vehicle’s occupants, as well as the integrity of the EV’s systems and networks. One way that attackers may target an EV is by exploiting vulnerabilities in the vehicle’s electronic control units (ECUs), which are the computer systems that control various aspects of the vehicle, such as the powertrain, brakes, and steering. 

Attackers could potentially take control of these systems and manipulate the vehicle’s behavior, potentially causing accidents or other dangerous situations.

Another way attackers may target an EV is by exploiting vulnerabilities in the vehicle’s communication systems, such as the onboard diagnostics (OBD) port, or wireless connectivity systems, such as Bluetooth or cellular networks. This can allow attackers to gain access to the vehicle’s systems and data and potentially steal sensitive information such as location data, driving history, and personal information of the occupants.

To mitigate the risk of cyber attacks on EVs, it’s important for manufacturers to design and build vehicles with security in mind. This includes the use of secure coding practices, regular software updates to address known vulnerabilities, and the use of robust security protocols to protect the vehicle’s communication systems.

It’s also important for EV owners to be aware of the risks and take steps to protect their vehicles. This can include keeping their vehicles’ software up to date, being cautious about connecting their vehicles to unfamiliar networks or devices, and not leaving sensitive information such as personal data in the vehicle.

As the trend of Electric cars is getting more popular and advancement in technology is increasing, cyber security in EVs will be a crucial area to ensure the safety and security of both vehicles and their occupants.

Electricity Grids

A cyber attack on an electric grid can have serious consequences, potentially causing widespread power outages and disruptions to the electricity supply. Electric grids are complex systems that rely on many interconnected components, including power generators, transmission and distribution systems, and control systems.

One way that attackers may target an electric grid is by exploiting vulnerabilities in the control systems, such as Supervisory Control and Data Acquisition (SCADA) systems and other industrial control systems (ICS) that are used to monitor and control the grid. Attackers can use malware, phishing scams, or other techniques to gain access to these systems and manipulate the grid’s behavior, potentially causing power outages or other disruptions to the electricity supply.

Another way that attackers may target an electric grid is by exploiting vulnerabilities in the communications systems that are used to transmit data and control signals between distinct parts of the grid. This could include exploiting vulnerabilities in the networks that connect power plants, substations, and other grid components, or by targeting the systems used to manage the grid’s transmission and distribution systems.

To mitigate the risks of attacks on electric grids, it’s important for utilities and grid operators to take a proactive approach to cyber security. This includes implementing robust security measures such as firewalls, intrusion detection and prevention systems, and SIEM tools. Additionally, regular security audits, penetration testing, and employee training on cybersecurity are important.

It’s also important for government agencies, utilities, and grid operators to work together to share threat intelligence and coordinate incident response efforts. 

Furthermore, Industry Standards and regulations such as NIST-CIP, IEC62443, and others provide guidelines for protecting industrial control systems like those used in the electric grid. Given the critical importance of electric grids to our daily lives, ensuring their cyber security is a vital step towards protecting our communities and infrastructure from potential cyber threats.

Thales:     Modern Diplomacy:    APWG:    CSHub:     National News:     ASTRA:    Fox News

You Might Also Read: 

Five Data Security Trends Organisations Must Deal With:  

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Who Foots the Bill For A Data Breach? 
Preventing Ransomware Attacks Begins With You »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

SANS Institute

SANS Institute

SANS is the most trusted and by far the largest source for information security training and security certification in the world.

360Logica

360Logica

360Logica is a software testing company offering numerous kinds of testing services to improve the quality and performance of your software and IT systems.

Cyber Future Foundation (CFF)

Cyber Future Foundation (CFF)

CFF was established to create a cyberspace where digital commerce and innovation can thrive based on trust and respect to individual privacy.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Intrusion

Intrusion

Intrusion provides IT professionals with the most robust tool set available for performing in-depth research and analysis of network traffic.

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

Intrasoft International

Intrasoft International

Intrasoft International is a leading European IT Solutions and Services Group offering a full range of IT services including Information Security.

Cyber Defense Labs

Cyber Defense Labs

Cyber Defense Labs helps companies identify, mitigate and reduce risk as a trusted, reliable partner for cyber risk management.

AimBrain

AimBrain

AimBrain tools detect and prevent fraud, faster and more accurately than ever before.

GulfTalent

GulfTalent

GulfTalent is the leading job site for professionals in the Middle East and Gulf region covering all sectors and job categories, including cybersecurity.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

AdaCore

AdaCore

AdaCore is focused on helping developers build safe, secure and reliable software.

SecurityGen

SecurityGen

SecurityGen is a global cybersecurity start-up focused on telecom security, with a focus on 5G networks.

ThreatLocker

ThreatLocker

The ThreatLocker Platform provides a Zero Trust security solution that offers a unified approach to protecting users, devices, and networks against the exploitation of zero day vulnerabilities.

Cymune

Cymune

At Cymune we help businesses to fight against cybercrime, protect patented data and diminish security risks.

Wisr AI

Wisr AI

Wisr AI helps enterprises assess not only their own internal Cyber Risk posture, but also helps prioritize the inherent risk faced through 3rd party infrastructure and supply chain connections.