Stolen credentials and ransomware threats will cause record losses of up to $30 billion worldwide in 2023 – IAPP

Share post:

According to the IAPP, ransomware losses worldwide will exceed $30 billion in 2023, and system breaches will be the main cause of data breaches.

Malware and shell access to a device are two examples of attacks proposed for data breaches in the coming year and beyond, but ransomware appears to be the primary method, with ransomware attackers using three new tricks.

The first is data leak and double extortion, which is how ransomware groups demand ransoms for the decryption of critical data and the prevention of data leak.

The second component is the Initial Access Broker (IAB), which enables ransomware attack groups to obtain access to legitimate, high-level access data for targeted companies and to begin exfiltrating data in preparation for the double extortion demand.

The third is ransomware-as-a-service (RaaS), which enables malware developers to rent out ransomware and its control infrastructure to other cybercriminals.

Statistics show that almost half of all data breaches in 2022 started with stolen access data. In the first half of 2022, 600 malicious email campaigns were launched, 58% of which were phishing emails and 28% contained malicious software designed to steal credentials.

Furthermore, as reliance on the cloud grows, attackers have increasingly targeted various entry points into cloud-based networks. Cyber criminals are now targeting unpatched or software vulnerabilities in order to extract data, with Linux operating systems and managed service providers (MSPs) and their networks of SMB customers being increasingly affected recently. Another method is “non-traditional entry avenues” like cryptocurrencies and decentralized finance (DeFi) systems.

The sources for this piece include an article in CPOMagazine.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways