The proliferation of technology and the increasing interconnectedness of our digital world has given rise to a new and concerning phenomenon: the emergence of Cybercrime-as-a-Service. Cybercriminal enterprises are rapidly evolving, displaying unprecedented levels of organization and sophistication, which demands further investigation to effectively thwart the market incentives driving demand for these illicit products and services.
“The primary motive behind most cyberattacks is purely financial gain,” said Arie Simchis, General Manager CALA, Radware, during Mexico Cybersecurity Summit 2023.
Distinguishing malicious traffic from legitimate users presents a significant challenge, with the best-case scenario often achieving only a 60% success rate. This alarming statistic highlights the extent to which cybercriminal enterprises have evolved, offering specialized services to facilitate attacks on digital platforms.
Disturbingly, some organizations even boast quick turnaround times, providing a one-hour service to launch targeted attacks against apps. Among the various types of cybercrimes perpetrated, identity theft and phishing schemes emerge as the most prevalent.
The impact of ransomware-as-a-service (RaaS) on industrial control systems (ICS) is set to intensify in the coming years, warns Salvador Valades, Associate Director of Cybersecurity Defence Ops, AstraZeneca. He adds that 2023 and 2024 will represent the peak of cybercrime activity, particularly due to the increasing digitization of businesses without fully matured security infrastructure in place.
Furthermore, the situation is particularly alarming as it allows even those with limited technical expertise to launch devastating cyberattacks, posing a significant threat to critical infrastructure and organizations worldwide. ”In today's landscape, hacking services are readily available to anyone with access to the dark web. The era where cybercriminals were exclusively highly skilled tech experts has become a thing of the past,” says José Antonio Goyri, CISO, Totalplay.
To protect themselves, companies must adopt a comprehensive set of security measures. An essential approach involves the implementation of isolation navigation, which entails isolating critical systems and networks from the wider internet. Additionally, prioritizing email communication facilitated by infrastructure administrators can be a useful tool, as it guarantees that all communications pertaining to vital systems and infrastructure occur through trusted and verified channels. Finally, incorporating two-factor authentication (2FA) provides an additional level of protection. "We must prioritize awareness and training by simulating real-life scenarios to enhance understanding and knowledge about this threat," says Francisco Arguello, CTO, Zurich Mexico.
With the increased accessibility to malicious resources, the potential threat to business operations has significantly intensified, exposing businesses to significant economic risks. However, to address this threat, companies should shift their conception of cybersecurity from an expense to an investment.
“Chief Security Officers (CSOs) bear the responsibility of initiating this crucial conversation and helping CEOs understand that every cybersecurity measure and strategy should align with the business models in order to effectively mitigate risks,” says Isaí Elías Salgado, Director, Cybersecurity Operations, El Palacio de Hierro.