Scammers target people not computers

According to research and intelligence at BlackBerry, criminals are working out how to target consumers better.

The infrastructure of the cyber underground has evolved so they can deliver more timely and personalised deceptions to the public. This infrastructure has also incubated a criminal shared economy, with threat groups sharing and outsourcing malware allowing for attacks to happen at scale.

Some of the biggest cyber incidents of 2021 look to have been the result of this outsourcing.

Key findings of the 2022 BlackBerry Annual Threat Report include:

Small businesses are an increasing focus of attack

Small businesses will continue to be an epicentre for cybercriminal focus as SMEs face upward of 11 cyber threats per device per day, which only stands to accelerate as cybercriminals increasingly adopt collaborative mindsets.

Public cloud platforms are unwittingly hosting malware

An increasing number of payloads are being housed in public cloud platforms. Most of these payloads are highly malleable, meaning they can be cheaply customised. This trend was especially prevalent in North America, where local hosting of vicious payloads including Cobalt Strike surged.

2021’s biggest attacks may have been outsourced

In multiple incidents, BlackBerry identified threat actors leaving behind playbook text files containing IP addresses and more, suggesting the authors of this year’s sophisticated ransomware are not the ones carrying out attacks. This highlights the growing shared economy within the cyber underground.

Source* Business Australia