Cyber Crime in Transition: Threat Impact and Investigation Strategies

28 November 2023

As 2023 starts to draw to a close, it is an appropriate time to take stock of the Cyber landscape as it is and more specifically, threat actors that have been prevalent over the past year.

With lower barriers to entry and an expansive risk environment, the cost of cyber-crime has reached £6.6 billion, surpassing more traditional types of illegal economies. Ransomware-as-a-Service has morphed into Crime-as-a-Service, which has commoditised access to and resulted in the proliferation of malicious tools including sophisticated attack methodologies.

This is driving criminals to innovate tactics and collaborate like staff at a commercial enterprise.

The industry has become a complex supply chain of subject matter experts in social engineering, credential theft, malware development and money laundering. All this has been backed by the highly persistent and well-funded criminal underworld.

The attack surface available to threat actors has been ever expanding with reliance of technology. Data has become a currency and technology advancement has driven the development of new threat types.

The complexity of the eCrime ecosystem and its business model has accelerated the degree of impact on victims and increased the likelihood of compromise. Many of the recent cyberattacks have been either directly or indirectly attributed to syndicates from specific geographies, such as countries within post-soviet nations.

CyXcel's Technical Director Sachin Bhatt and Senior Managing Consultant Sasha Henry shared their insight into the transition within the cyber crime market.