Top 5 cybercrimes of 2023

Everyone has experienced cybercrime at least once, if they have at least an email address. Just go to the "spam" section and you won't have to work very hard to find an email with a malicious link.

Scammers who call to get bank card details are also considered cybercriminals, despite the fact that they have nothing to do specifically with hackers. But we will not discuss them specifically in the article.

Cybercrime is an illegal act committed using a computer or other network device. Today, Russian legislation provides for various penalties for such crimes, but according to experts, the measures are very lenient, especially given the damage caused and the costs of cybersecurity.

In this article, we will look at how cybercrimes are classified, what problem areas there are in the legislation and methods of combating cybercriminals, as well as analyze the top 5 cybercrimes of this year.

What types of cybercrime occur?

From the point of view of the Criminal Code of the Russian Federation, there are three main types of cybercrime. Each of them contains many branches.

Types of cybercrime:
  • unauthorized access to computer information;
  • creating malware;
  • violation of the rules of operation of information systems.

According to experts, various types of scams that use information technologies stand apart, but they are not always directly classified as cybercrime.

Attackers can also be divided into categories. Here are the main groups that are currently most active:
  • so-called "hooligans", usually young people who are imbued with "hacker romance". They often act alone, solely to gain fame in closed communities and to generate high-profile publicity. Such attackers are most often dangerous only to weakly protected information systems;
  • hacktivists, who carry out attacks for political, religious or other social reasons;
  • financially motivated groups (cybercriminals in the classical sense);
  • APT groups, which are usually associated with different states.

The last category comprises the best-prepared groups, which have high-quality tools and their own infrastructure, allowing them to conduct effective, planned attacks. Many such groups have appeared or become active in the information space over the last year.

Top 5 cybercrimes

Several large-scale cybercrimes have already occurred in the first 5 months of 2023, and quite a lot of the cyberattacks were politically motivated. In addition, there were a number of major data leaks. Despite the ever-growing activity of cybercriminals in general, over the past year and a half the names of hacktivist groups, as well as groups operating from a particular country, have been heard particularly often.

Sergey Polunin
Head of the Infrastructure IT Protection Group at Gazinformservis

The most striking crimes, in my opinion, are various high-profile data leaks. Of course, from a technical point of view, these are not very interesting events – they are organized plus or minus the same, but their public response is often very high. Finding yourself and your personal data in another leak gives you unforgettable emotions.

Alexander Sanin
Commercial Director of Avanpost Company

Due to numerous "custom-made" attacks on Russian companies, the number of cybercrimes is actively growing in Russia. This is due to the fact that in the IT infrastructure of enterprises, hackers can almost always find zero-day vulnerabilities that allow an attack. It also affects the low level of digital hygiene and literacy of employees in the field of information security. Quite often, it is their reckless actions that cause data leaks.

From January to May 2023, attacks were carried out on state-owned companies, large businesses from various sectors, and government departments around the world. We have prepared our Top 5 cybercrimes since the beginning of 2023:
  1. Theft of S.T.A.L.K.E.R. 2 source code. Hackers broke into the video game development company GSC Game World. The criminals were able to gain access to 30 GB of information on the video game S.T.A.L.K.E.R. 2. The attackers' demand was to return the Russian voice acting to the game; otherwise they threatened to publish the archive. GSC Game reported that an employee's PC was hacked.
  2. Customer data leak from Ferrari. In March, cybercriminals hacked into the database of personal data of Ferrari customers. The motive was very simple: to get a ransom. The company sent a newsletter to its customers saying that it would not make a deal with the hackers. The attackers gained access only to personal information that is not directly related to finances; they could not find out card numbers or which specific cars customers had bought.
  3. Leak Wolf attack. A group of hackers calling themselves Leak Wolf stole the data of 40 Russian companies in a non-trivial way, without using malware. They pretended to be employees of the companies, obtained sensitive information and published it. Leak Wolf attacked more than 40 companies in this way. Experts believe that the group belongs to the hacktivists, as it does not make any demands, especially financial ones.
  4. Cyberattack on Western Digital. In late March, cybercriminals hacked into the servers of Western Digital, a manufacturer of hard drives, solid-state drives, flash drives, and other storage devices, and then stole the company's data. The company had to turn off its cloud service for a while. Western Digital said that criminals "gained access to a number of its internal systems."
  5. Phishing attack on Reddit. The attackers managed to deceive an employee of the company through a fake website disguised as one of the corporate ones. They stole his data and tokens for two-factor authorization. The attackers gained access to corporate systems and stole internal documents and source code.

In addition to those mentioned, hundreds more cybercrimes have occurred around the world since the beginning of 2023. Most likely, new ones are taking place and being prepared right now. It is too early to sum up the results of the year and talk about the real top cybercrimes; the most high-profile of them are surely still ahead.

In addition to those mentioned, hundreds more cybercrimes have occurred in the world since the beginning of 2023. Most likely, new ones are currently taking place and being prepared. Now it's too early to sum up the results of the year and talk about the real top cybercrimes, for sure, the most high-profile of them are still ahead.

Crime and punishment
According to experts, law enforcement practice on cybercrime in recent years has most often come down to Articles 273 and 159 of the Criminal Code of the Russian Federation ("Creation and distribution of malicious programs" and "Fraud"), as well as Article 272 ("Unauthorized access to computer information"). The wording of the last article covers the widest range of acts, from the actual theft of information to its blocking, modification, destruction, etc.

Pavel Kuznetsov
Product Director of the company "Garda Technologies"

In my memory, most of the criminal cases initiated were related to embezzlement of funds from legal entities or individuals using malicious code. As for other countries, it is difficult to compile any statistics, especially against the background of a certain "political" nature of individual criminal cases related to the alleged misuse of information and telecommunications technologies.

The peculiarity of cybercrimes is that they can be committed from anywhere in the world, and even if you are attacked by a single group, its participants can be citizens of different countries. Legislation in this area is still being formed, and each country sets its own rules and degree of punishment. That is why comprehensive public-private and international cooperation and information exchange between law enforcement, other state institutions, international organizations, expert private companies and victim companies are the first things that need to be achieved.

Pavel Kuznetsov
Product Director of the company "Garda Technologies"

The cornerstones of high-quality investigations, such as correct attribution of attackers, are fundamentally impossible to implement without such cooperation and interaction at all levels. Without the help of the countries where all the servers in the chain of any attack were located, all accusations against a specific address are nothing more than assumptions. Therefore, creating channels for such cooperation and making them more efficient is a primary and necessary step towards defeating cybercrime.

Sergey Polunin
Head of the Infrastructure IT Protection Group at Gazinformservis

There is a great need for qualified personnel, because there are a lot of protection objects, and the entry threshold is still quite high. Another problem is the imperfection of legislation. Fairly serious crimes are still punished very modestly, and this does not motivate business owners to invest in cybersecurity at all. You are actually facing the entire world, not a specific attacker. The same DDoS attack is organized by bots all over the globe at once, and this has to be taken into account.

Experts believe that in addition to the low level of cooperation between countries and even companies in the investigation of cybercrime, the fight against hackers is hindered by the lack of qualified personnel and problems with legislation that still does not punish cybercrime harshly enough.

Conclusion

Despite the imperfection of legislation on cybercrime and the lack of international cooperation, various progressive companies are finding effective ways not only to investigate attacks, but also to prevent them from happening.

A perfect example is the bug bounty. Companies pay rewards to those who find weaknesses and vulnerabilities in their products or IT systems. This way, problems can be fixed before they are discovered by intruders. Most large companies use bug bounty programs today. In Russia, they are used most by representatives of the banking sector, retail and IT.
 