Cybercriminals have previously focused on large-scale and sophisticated attacks. However, the focus is increasingly shifting to small-scale cybercrime. In addition, the attackers often use so-called commodity malware.
Security experts from Cisco Talos, the network specialist’s Threat Intelligence team, warn against this. For example, annual figures from the FBI’s Internet Crime Complaint Center (IC3) showed that by 2021, some 847,376 cybercrimes had been reported to the U.S. agency, with total damages of around $6.9 billion’s, more than $8,000 per notification. Cisco Talos examined these figures and noted, among other things, a shift from offline to online crime.
Traditional forms of crime are gradually decreasing in number. This can be explained by criminal gangs on the street switching to the cyber world. Several reports from the US and European countries confirm this trend. The shift from offline to online crime is made possible in part by the accessible and fast-growing commodity malware market. This malware is pre-developed and, in principle, accessible to everyone online. According to Cisco Talos, commodity malware has even overtaken the popular ‘ransomware’ (ransomware) as the most common form of cyber attack.
“Technology has become such an integral part of our lives that anyone with a smartphone can turn to cybercrime. In addition, the growth of cryptocurrencies and the associated anonymity has attracted the attention of those who were previously active in traditional criminal organizations but have now moved on to cybercrime and identity theft,” Cisco Talos said in its recent report.
The company also highlights the challenges in combating these crimes. For example, it is often relatively small amounts: it is easier to hide a few thousand euros than a million in ransom. Therefore, cybercrime is expected to focus less on sophisticated attacks on large enterprises and on individuals and small businesses.
‘Unfortunately, there is no simple solution’, conclude the researchers. What may initially appear to be a decline in certain types of crime may be accompanied by a similar increase in fraud and cybercrime that is not as easy to combat. In any case, there will have to be a change in how security experts and the police work together.’