A new report from threat intelligence firm Cybersixgill Ltd. details worrisome current trends in cybercrime, including a falling barrier to entry driven by generative artificial intelligence services such as OpenAI LP’s ChatGPT.

The State of the Cybercrime Underground report was based on an analysis of Cybersixgill’s collected intelligence from the clear, deep and dark web in 2022. The report provides insights into underground cybercriminal discourse and activity and compares it with trends and data from previous years to reveal the current state of threat actors’ tactics and targets.

The key finding in the report relates to how generative AI is lowering the barrier to entry into cybercrime by enabling threat actors to quickly write malicious code and perform other “pre-ransomware” preparatory activities. Added to the mix, initial access brokers, or IABs, and as-a-service offerings are also contributing to lowering the barriers to entry into cybercrime.

The report specifically cites ChatGPT, noting that it offers legitimate users many benefits beyond a simple text generation tool, including automation of software engineering tasks, data analytics, predictive modeling, language translation and creative writing. But it also gives less sophisticated threat actors a quick way to write malicious code and compelling phishing emails and perform other pre-ransomware preparatory activities.

The combination of AI tools, IABs and as-a-service offerings is said to enable a new generation of less skilled cybercriminals to streamline the weaponization and execution of ransomware and other malicious attacks. Cybersixgill’s researchers anticipate a dramatic rise in the number and intensity of successful cyberattacks and say AI-enabled cybercrime will likely become the norm in the months and years to come. 

Other report findings include credit card fraud declining, claiming that “most of the world has experienced a near-collapse in credit card fraud.” However, it was noted that the U.K. saw an increase in fraudulent card sales in 2022 and now has the highest number of compromised cards per capita globally.

Not surprisingly, cryptocurrency remains a popular cybercrime tool and target. Threat actors find ways to conduct financial fraud through cryptojacking — the illicit use of computing resources to mine cryptocurrency — as well as digital wallet takeovers, cryptomining and siphoning digital assets from crypto exchanges.

The research also observed a rising use of encrypted messaging platforms among cybercriminals. Many cybercriminals now use encrypted messaging platforms such as Telegram, Discord and QQ to collaborate, communicate and trade tools, stolen data and services. In addition, the messaging platforms were found to be used as a launchpad for cyberattacks.

“Cybercrime is rapidly evolving, with new opportunities and obstacles in the cyberthreat landscape impacting threat actors’ tactics, tools and procedures. In response, organizations can no longer rely on outdated technologies and manual processes to defend against increasingly sophisticated attacks,” Delilah Schwartz, security strategist at Cybersixgill, said ahead of the report’s release. “Proactive attack surface management informed by real-time CTI from the deep, dark and clear web is now of paramount importance and will be a critical cyber defense weapon in the months and years to come.”

Image: Pexels