Cyber crime is always on the rise. In the UK alone, it’s estimated to cost the economy £27bn a year, with experts believing that the threat is so real, it is a case of when and not if your business is targeted and breached.
Given the advances in the technology we use and the changes to how we work, it is a problem that’s going to persist. The types of threat are evolving and the ways in which cyber criminals target business and consumers is becoming more and more sophisticated.
Here we outline four of the biggest trends in cyber attack to emerge this year.
Increasingly sophisticated identity fraud
Identity fraud is nothing new, though the methods used by cyber criminals are. By combining leaked information with information scoured from the internet and social media they can use AI to impersonate individuals and bypass verification and security controls.
This type of threat – known as deepfake synthetic identity fraud – can then use available information and AI to create new synthetic profiles that can be used to apply for loans, benefits and other financial services. It creates enormous problems for individuals and difficulty for business trying to authenticate their customers.
Automated fraud, sometimes known as fraud-as-a-service, is on the rise. Cyber criminals use automated voice bots to impersonate business and socially engineer customers. It’s particularly malicious because it requires very little resource on the part of the criminal, has a low barrier to entry can therefore be scaled rapidly. An Experian report predicted that this kind of crime would rise in 2022 precisely for that reason.
Again, this kind of fraud isn’t especially new, though the medium is. The rise in real-time payments (RTP) – especially through mobile phones and contactless cards – is allowing cybercriminals to instantly extract cash from victims and then convert it to cryptocurrency, which makes it exceptionally difficult to trace. RTP is on the rise, growing an estimated 23% between now and 2025. For business it’s a big problem because they are especially prone to financial fraud and tend to suffer bigger losses as a consequence.
Gen V attacks
This is an altogether more sophisticated and sinister type of threat compared to those we have seen before. Gen V attacks or 5th Generation cyberattacks are large-scale and multi-vector, meaning that they are designed to infect a number of components in the IT infrastructure – for example, network, cloud, machines, software and endpoints – all at the same time. They spread quickly and are able to evade conventional detection tools like firewalls – making them particularly hard to deal with. Gen V breaches tend to result in huge data losses or disruptions to service – as experienced by the victims of two early Gen V attacks, WannaCry and NotPetya.