Cybercrime remains a major threat to individuals, businesses, and governments around the world. Leaked credentials will continue to be the main attack vector for initial access. As the internet of things continues to develop, cybercriminals will have access to a greater number of vulnerable devices. 59% of organizations don't deploy zero-trust, incurring an average of 1 million USD in greater breach costs. Cybercrimes such as DDoS, malware, and ransomware are all offered as subscription services, lowering the entry barrier into cybercrime.
The proliferation of crypto payment platforms makes it even easier to trade in cybercrime products and services. Lapsus$, a UK teen group that went on a hacking spree targeting tech titans, were "doing it for the lulz". LAPSUS$'s modus operandi was based on a text-book sim swapping scam. They bought credentials of someone with the right access to resources within an enterprise, called the phone provider, reported the phone stolen, rerouted the sim to their own phone, triggered multi factor authentication on an enterprise access point, and did a password reset. It was ridiculously simple and devastatingly efficient.
The cybersecurity workforce gap compelled enterprises to outsource this part of their cybersecurity to a managed detection and response (MDR) service. Global MDR market size is expected to grow from an estimated value of 2.6 billion USD in 2022 to 5.6bn USD by 2027.
Top comments (0)