In some cases, cyber espionage is carried out simply to stain the reputation of the targets by leaking dubious business practices or private information
In the Middle East, cybercriminals heavily targeted the services, defence and energy sectors. Globally, the services sector claimed 33 per cent of all attacks, the CyberRes Galaxy 2022 Annual Report found.
“The year 2021 smashed all records regarding the sheer number of cyberattacks on government entities, private-sector organisations, and individuals. While several new threat actors emerged on the cybersecurity threat landscape in 2021, the existing ones also adopted more advanced tactics, techniques, and procedures (TTPs) to enhance the effectiveness of their operations,” the report found.
Espionage, socio-political, criminal, and personal is all motivators for cybercriminals. In some cases, cyber espionage is carried out simply to stain the reputation of the targets by leaking dubious business practices or private information. The motives are relatively static, but as technology advances, so do criminals’ tactics. More significant technological advancement means a greater need to tie up loose security ends. Without constant monitoring, the threat landscape will continue to evolve.
Now, some hackers are finding their way around security systems without the expertise previously needed.
“Service-oriented threat actor groups continue to increase and their tactics are becoming more precise. One of the major changes is the nature of the attacks. They are becoming far more service-oriented (“phishing as a service”), allowing attackers who might not have the required technical abilities to carry out attacks still. In 2021 cloud misconfigurations were widely exploited. Several campaigns leveraged vulnerabilities that were discovered during supply-chain attacks. And, triple extortion techniques caused a significant impact due to the threat actors targeting victims, clients, and customers,” the report found.
And tech advancements continue to present new opportunities for hackers. Digital payments, another relatively nascent and fast-evolving technology, have provided hackers with an opportunity. Security pros continue detecting and eliminating threats from malicious actors in an ever-evolving landscape. One way they’re doing this is through public-private partnerships.
“Public-private partnerships are becoming strategic cybersecurity tools. Cybersecurity-related complaints have tripled during the pandemic. With the increase in threats, governments cannot address all the threats themselves. Instead, they are collaborating with private organisations to help them re-design their cybersecurity posture in order to resolve issues promptly and protect against attacks,” the report found.