Coming Your Way - The Top Cyber Crimes In 2023

Uploaded on 2023-01-25 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

Cyber security experts have warned that 2023 could usher in a new era of concerns over cyber attacks, which are expected to rise sharply this year as new threats emerge faster than ever and with the rapid  expansion  of digital technologies, the nature of crime has been transformed. 

A rapid increase in cyber crime has become a visible, expanding trend that has been affecting a variety of industries, governments and organisations. 

Factors such as the increasing extensive global connectivity, widespread sharing of data among devices and reliance on weak security networks will rapidly increase these attacks. Crime potentially becomes more lethal and untraceable and some cyber security expert are warning about the new nature and domains of cyber-crime in 2023. Here are some of the cyber crime examples:

Phishing Attacks

Phishing attacks soared in 2022, with international consortium and fraud prevention group the Anti-Phishing Working Group (APWG) reported a total of almost 3.4 million phishing attacks in the first nine months of 2022. 
There were 1,025,968 attacks in Q1, 1,097,811 attacks in Q2 and 1,270,883 attacks in Q3, with each quarter breaking the record as the worst quarter APWG has ever observed.

Ransomware Threats 

Ransomware attacks, which threaten to compromise a user's personal data or block access to it until a ransom is paid, are as old as the Internet itself. However, experts are warning that the old tactic is expected to become a bigger threat in 2023, with cyber criminals adapting to the tools people have depended on to keep them safe.

 Hospital Cyber Attacks

Hospitals are targeted by cyber criminals because they have valuable personal and financial information about patients and because the consequences of a successful attack can be severe. In a cyber attack on a hospital system, the attacker may try to gain unauthorised access to the hospital’s computer systems and steal or manipulate data, disrupt the operation of medical devices, or disrupt the delivery of healthcare. 

The attack may also involve ransomware, where the attacker holds the hospital’s data hostage and demands a ransom to restore access.

It is important for hospitals to have strong cyber security measures in place to protect against cyber attacks. This may include measures such as firewalls, antivirus software, and secure passwords, as well as ongoing training for staff on how to recognise and prevent attacks.

QR Code Scanning

Scanning a QR code has the potential to compromise your personal data if the QR code is linked to a malicious website or if it is used to steal your personal information. It’s important to be cautious when scanning QR codes, especially if they are from unfamiliar sources. It’s also a good practice to check the URL of the website that the QR code leads to, to make sure it is a legitimate website and not a phishing site or other type of scam.

You should also use a QR code scanner app that checks for safety and has some sort of building security checks, also updating your device and QR scanner app on regular basis will make sure you have the latest security patches. It’s a good practice to avoid scanning QR codes from untrusted sources and only scan QR codes from sources that you know and trust.

Supply Chain Attacks

In a supply chain cyber attack, attackers typically target the systems and networks that companies use to manage and track their inventory, orders, and shipments. Attacks on a supply chain can have significant consequences for the affected organisations and their customers. These types of attacks can disrupt the flow of goods and services, leading to delays, lost revenue, and potentially even damage to a company’s reputation. For example, an attacker might target a company’s Enterprise Resource Planning (ERP) system, which is used to manage inventory and production, or a transportation management system (TMS), which is used to track shipments and deliveries.

The attacker can gain access to these systems through a variety of methods, such as exploiting vulnerabilities in software, phishing scams, or other forms of social engineering. 

Once they have access, they can steal sensitive information such as customer data, financial data, and intellectual property, or disrupt the normal operation of these systems. This can lead to delays in deliveries, stakeouts, and unplanned downtime in production.

It’s important for organisations to take steps to protect their supply chains from cyber attacks, by implementing measures such as security awareness training for employees, regular security audits and penetration testing, and the use of advanced security technologies such as firewalls, intrusion detection, and prevention systems, and security information and event management (SIEM) tools.

In addition, organisations should also be proactive in monitoring for signs of an attack and be ready with incident response plans, which can help minimize the damage of a successful attack and help with a faster recovery.

Electric Vehicles

An attack on an electric vehicle (EV) can have serious consequences, potentially compromising the safety and privacy of the vehicle’s occupants, as well as the integrity of the EV’s systems and networks. One way that attackers may target an EV is by exploiting vulnerabilities in the vehicle’s electronic control units (ECUs), which are the computer systems that control various aspects of the vehicle, such as the powertrain, brakes, and steering. 

Attackers could potentially take control of these systems and manipulate the vehicle’s behavior, potentially causing accidents or other dangerous situations.

Another way attackers may target an EV is by exploiting vulnerabilities in the vehicle’s communication systems, such as the onboard diagnostics (OBD) port, or wireless connectivity systems, such as Bluetooth or cellular networks. This can allow attackers to gain access to the vehicle’s systems and data and potentially steal sensitive information such as location data, driving history, and personal information of the occupants.

To mitigate the risk of cyber attacks on EVs, it’s important for manufacturers to design and build vehicles with security in mind. This includes the use of secure coding practices, regular software updates to address known vulnerabilities, and the use of robust security protocols to protect the vehicle’s communication systems.

It’s also important for EV owners to be aware of the risks and take steps to protect their vehicles. This can include keeping their vehicles’ software up to date, being cautious about connecting their vehicles to unfamiliar networks or devices, and not leaving sensitive information such as personal data in the vehicle.

As the trend of Electric cars is getting more popular and advancement in technology is increasing, cyber security in EVs will be a crucial area to ensure the safety and security of both vehicles and their occupants.

Electricity Grids

A cyber attack on an electric grid can have serious consequences, potentially causing widespread power outages and disruptions to the electricity supply. Electric grids are complex systems that rely on many interconnected components, including power generators, transmission and distribution systems, and control systems.

One way that attackers may target an electric grid is by exploiting vulnerabilities in the control systems, such as Supervisory Control and Data Acquisition (SCADA) systems and other industrial control systems (ICS) that are used to monitor and control the grid. Attackers can use malware, phishing scams, or other techniques to gain access to these systems and manipulate the grid’s behavior, potentially causing power outages or other disruptions to the electricity supply.

Another way that attackers may target an electric grid is by exploiting vulnerabilities in the communications systems that are used to transmit data and control signals between distinct parts of the grid. This could include exploiting vulnerabilities in the networks that connect power plants, substations, and other grid components, or by targeting the systems used to manage the grid’s transmission and distribution systems.

To mitigate the risks of attacks on electric grids, it’s important for utilities and grid operators to take a proactive approach to cyber security. This includes implementing robust security measures such as firewalls, intrusion detection and prevention systems, and SIEM tools. Additionally, regular security audits, penetration testing, and employee training on cybersecurity are important.

It’s also important for government agencies, utilities, and grid operators to work together to share threat intelligence and coordinate incident response efforts. 

Furthermore, Industry Standards and regulations such as NIST-CIP, IEC62443, and others provide guidelines for protecting industrial control systems like those used in the electric grid. Given the critical importance of electric grids to our daily lives, ensuring their cyber security is a vital step towards protecting our communities and infrastructure from potential cyber threats.

Thales:     Modern Diplomacy:    APWG:    CSHub:     National News:     ASTRA:    Fox News

You Might Also Read: 

Five Data Security Trends Organisations Must Deal With:  

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Who Foots the Bill For A Data Breach? 
Preventing Ransomware Attacks Begins With You »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Malwarebytes

Malwarebytes

Malwarebytes provides artificial intelligence-powered technology that stops cyberattacks before they can compromise computers and endpoints.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

International Association of Professional Security Consultants (IAPSC)

International Association of Professional Security Consultants (IAPSC)

Members of the IAPSC represent a unique group of respected, ethical and competent security consultants.

CERT.LV

CERT.LV

CERT.LV is the national Computer Emergency Response Team for Latvia.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Axellio

Axellio

Axellio provides economic, end-to-end cyber security solutions designed for your team, environment, and security objectives, providing packet level visibility across your network.

Presidio Identity

Presidio Identity

Presidio Identity offers a digital-native approach that brings security, privacy, and simplicity to user authentication and digital interactions.

TotalAV

TotalAV

TotalAV Antivirus is a free-to-use app packed with all the essential features to find and remove malware, keeping you safe.

Data Protection Commission (DPC) - Ireland

Data Protection Commission (DPC) - Ireland

The Data Protection Commission (DPC) is the national independent authority responsible for upholding the fundamental right of individuals in the EU to have their personal data protected.

TechMD

TechMD

TechMD (formerly ICS) is an award-winning IT solutions firm that specializes in cloud solutions, managed cybersecurity services, strategic IT consulting, and managed IT services.

C2 Risk

C2 Risk

C2 Risk are focussed on risk analytics for information assurance, privacy and ESG (Environmental, Social, and Governance).

Vector Choice Technologies

Vector Choice Technologies

Vector Choice Technology Solutions has a long standing reputation in cyber security consulting since 2008.

American Binary

American Binary

American Binary is a Quantum Safe Networking (TM) and post-quantum encryption company.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.