Table of Contents
Cyber Security Landscape
The 2023/2024 Axur Cyber Security Landscape report is a deep dive into all of the different forms of threat that impact cyber security at present. They used data from the observation of Surface, Deep, and Dark Web, as well as intelligence studies and investigations by the Threat Intelligence team.
The year that cyberattacks reached new heights
2023 was the year when cyberattacks reached new heights. This was the year of the integration of cyber risk into the broad business risk concept, which boardrooms around the world could not ignore. The aftermath of the losses stemming from the cyberattack became clearer, and the organization started rethinking its strategies.
The geopolitical climate of nations such as Russia and Ukraine deeply impacted information security. The conflicts led to some trickle-down effects that informed the methods and angles of cybercriminals. The year saw an external factor come together with digital threats. Ransomware attacks, which had been mainly about the encryption of data, became something different this time around. Threat actors mainly focused on data exposure and showed the organizations the fines they had to pay, which were something that amounted to a data breach. The stakes were high than ever before.
Artificial intelligence came to be a mighty weapon of cyber attacks. From deepfakes featuring famous celebrities to automated social engineering, the role of AI in cybercrime has significantly risen. One such case is that of fake videos in favour of cryptocurrency scams featuring billionaire Elon Musk and Ethereum founder Vitalik Buterin. Deepfakes of these executives in events are made by the original lines that are replaced by an AI-synthesized voice. The images are altered only in such a way as to ensure lip sync, another function of this kind of AI.
Hacktivist groups also had their day, marking various sides of global conflicts. Their symbolic attacks have put at risk both individuals and organizations, giving further to the requirement for caution in this interlinked world.
Let’s take the synthesized data from the platform #
- A Threefold Increase in Leaked Cards#
The report that at least 13.5 million credit and debit card details were leaked in 2023 has been alarming. This has increased by three times the number of the previous year. The United States is leading the list with almost half of all of the detected card leaks. This surge points to the increased activities on Deep & Dark Web channels, where the trading of such data is done regularly.
Top 10 Countries with the Most Exposed Cards
Following will be noteworthy to study.
## 1. United States
– Reasons for high exposure rate.
– Statistics on credit card fraud in the country.
– Measures being taken to enhance security.
## 2. United Kingdom
– Factors contributing to credit card exposure.
– Comparison with other countries.
– Efforts to combat fraud.
## 3. India
– Growing concern of credit card fraud.
– Vulnerabilities in the system.
– Steps towards strengthening security.
## 4. Brazil
– Emerging issues with credit card security.
– Impact on the financial sector.
– Government initiatives to address security concerns.
## 5. Canada
– Overview of credit card fraud cases.
– Comparison with neighboring countries.
– Security measures in place.
## 6. Australia
– Trends in credit card fraud.
– Vulnerabilities in the system.
– Collaboration between government and industry for improved security.
## 7. Germany
– Credit card security landscape in the country.
– Regulatory framework for protecting consumers.
– Initiatives by financial institutions to prevent fraud.
## 8. China
– Rise in credit card fraud incidents.
– Challenges in combating fraud.
– Technology-driven solutions for enhancing security.
## 9. France
– Overview of credit card fraud statistics.
– Role of government and law enforcement agencies.
– Public awareness campaigns on protecting personal information.
## 10. Japan
– Vulnerabilities in the credit card system.
– Impact on consumers and businesses.
– Steps taken towards improving security measures.
## Conclusion
– Recap of the top 10 countries with the most exposed cards.
– Call to action for individuals to safeguard their financial information.
– Future outlook on global credit card security trends.
Cyber Security Landscape-Source of Credentials Leakage in 2023
1. Focus on Credential Leaks and Info Stealers#
The leaks of credentials, despite remaining stable at 4.2 billion, have seen a shift because of the increase in pastes and major leaks as sources. While 15% of the exposed credentials are corporate, it only brings forth the necessity of sound corporate cybersecurity.
Notably, credential-stealing malware can display a lot of serious vulnerability by fetching 98% of credentials in plain text, thereby circumventing the encryption bars. These credentials are very well documented in log files with relation to acquisition. Credential stealers further capture authorization tokens and cookies, thereby breaching multi-factor authentication.
2.Brand Misuse and Digital Fraud Panorama #
Unusual brand impersonation, for example, in social media profiles, apps, and paid advertisements resulted in 200,680 detections in 2023, up from the previous year.
3.New Frauds: Evolutionary Tactics#
The report has identified a series of new tactics which demand our attention. A telling case is the ability of threat actors to set up the complete e-commerce store in minutes, using the most popular platforms.
In addition, the new types of “phishing” scams take centre stage, presenting an increasingly sophisticated challenge in cyber security landscape. Malicious apps pose as legitimate browsers and load cloned pages on behalf of cybercriminals. This new trend requires increased awareness and innovative countermeasures to counteract these evolving threats.
4.Beyond the Fray: Takedown and Uptime#
Axur removed 330,612 websites and pages from the Internet last year with a noted success rate – particularly against phishing, fake account, and malicious page campaigns. The best of the process is the automatic notification flows, significantly reducing the time from incident to provider notifications.
For example, Axur initiates the notification flow in phishing cases within 5 minutes, and it is efficiently handled by entities such as Shopify, Cloudflare, Namecheap, Hostinger, and GoDaddy, often in the same day. Brand impersonation cases are handled. Accounts can be removed from the platforms like Facebook and Instagram (avg. 41 min and 56 min respectively) after notifications.
5. Deep & Dark Web Insights: Monitoring the Dark Under#
Monitoring 133 million messages and posts on the Deep & Dark Web showed tactical and procedures of malicious agents and played a pivotal role in the prevention of cyber threats. Such monitoring has been further extended to the messaging apps like Telegram, WhatsApp, and Discord, deep web forums, and other illegal marketplaces where cyber criminals sell stolen or compromised data and computer access, and various illicit services.
In total, more than 529,965 incidents are being monitored on Deep & Dark Web, where the main sectors are retail/e-commerce, financial institutions, and technology services. Most importantly, over 374,592 incidents come from text detections, whereas 155,373 incidents come from audio, video, or image detections. Multimedia content analysis is now becoming increasingly critical in developing overall threat visibility since it detects hidden threats.
6.Artificial Intelligence: A New Frontier in Cybercrime#
General notes are in order because AI tools that assist in enhancing software and content creation are now being used for malicious purposes. These tools enable fraudsters to create more credible stories and interactions, which make frauds more sophisticated. On the other hand, Axur is already pioneering the use of generative AI in cyber defence with its launch of Polaris.
Summary
Within cyber security landscape 529,965 cases monitored on Deep & Dark Web, with a main focus on retail/e-commerce, financial institutions, and technology services.
From this, 374,592 cases from text detections.
155,373 cases from audio, video, or image detections: The use of the analysis of multimedia content plays an important role in the identification of threats hidden behind them. A total of 529,965 cases is now being monitored on the Deep & Dark Web, focused on the retail/e-commerce, financial institutions, and technology services sectors.
Of these, 374,592 have been detected through text analysis, while 155,373 have been identified through the analysis of audio, video, or image content. The use of multimedia content analysis is key to the unveiling of hidden threats and the improvement of overall threat visibility.
A total of 529,965 cases is now being monitored on the Deep & Dark Web, focused on the retail/e-commerce, financial institutions, and technology services sectors.
Of these, 374,592 have been detected through text analysis, while 155,373 have been identified through the analysis of audio, video, or image content. The use of multimedia content analysis is key to unveiling hidden threats and improving overall Cyber Security Landscape.
Please also refer to The Hacker News article for comprehensive cyber security landscape