TFL Vsebine / Revija SIR*IUS

Cybercrime Trends 2023 and 2024

V prispevku so povzeti ključni trendi v kibernetskem kriminalu, ki so v letu 2023 in prvi polovici leta 2024 predstavljali resno grožnjo podjetjem in drugim organizacijam. Spletne korporacije, ponudniki storitev informacijske varnosti, razvijalci protivirusne programske opreme, proizvajalci komunikacijske opreme ter različne državne in nadnacionalne institucije skrbno spremljajo in analizirajo dogajanje na tem področju. Prispevek temelji na njihovih javno dostopnih analizah in poročilih. Poleg najpogostejših trendov v kibernetskem kriminalu so predstavljeni še nekateri izstopajoči primeri napadov na podjetja in organizacije v omenjenem obdobju. Izsiljevalska programska oprema ostaja najpomembnejša grožnja še posebej za ranljive sektorje, kot so zdravstvene ustanove. Poleg tega organizacije vse pogosteje doživljajo napade na hibridna in oblačna okolja, kar še dodatno otežuje zaščito njihovih informacijskih sistemov. Prav tako pomembno vlogo pri organizaciji kibernetskih napadov imajo podporne storitve, ki kriminalcem olajšajo dostop do občutljivih podatkov in omogočajo izvajanje škodljivih aktivnosti tudi manj izkušenim napadalcem. V prispevku je poudarjeno, da bo imela umetna inteligenca v prihodnje ključno vlogo pri kibernetskih napadih, kar organizacijam nalaga okrepljene varnostne ukrepe in večjo pripravljenost za obrambo.

The article summarizes the key trends in cybercrime that posed significant threats to businesses and other organizations in 2023 and the first half of 2024. Online cor- porations, information security service providers, antivirus software developers, communi- cation equipment manufacturers, as well as various national and supranational institutions closely monitor and analyse developments in this field. The article is based on their publicly available analyses and reports. In addition to the most common trends in cybercrime, several prominent examples of cyberattacks on companies and organizations during this period are also presented. Ransomware remains the most significant threat, especially to vulnerable sectors such as healthcare. Additionally, organizations are increasingly facing attacks on hybrid and cloud environments, further complicating the protection of their information systems. Support services play a crucial role in organising cyberattacks, enabling criminals to gain easier access to sensitive data, which allows even less experienced attackers to carry out harmful activities. The article highlights that artificial intelligence will play a critical role in future cyberattacks, requiring organizations to adopt enhanced security measures and great- er preparedness for defence.