Human Risk Review 2022
Innovative and highly professional – The new generation of cybercrime
From global crises and geopolitical challenges to the COVID-19 pandemic, the past year has given us no time to rest. Unfortunately, we also witnessed dramatic developments in the field of information security: Cybercriminals did not hesitate to take advantage of dynamic societal events for their own unscrupulous ends. Coupled with this is an increasing professionalization of cybercrime. Organizations are now facing an innovative dark economy in which cybercrime-as-a-service is a common business model. Tactics are evolving almost by the minute.
The IT landscape is also broadening, as hybrid work methods have come to entail new means of communication that offer cybercriminals further opportunities to launch insidious attacks on company systems.
The interface between person and machine is still the primary gateway for cybercriminals, with more than 85 percent of all attacks originating in the human factor. This is no surprise, because
even when the person behind the screen is using a wide range of tools, they are still vulnerable to one common type of attack: emotional manipulation. Supply chain and ransomware attacks – many striking instances of which we have seen in the past year, including in the case of Kaseya and Kronos – often begin with phishing.