Professionalization of the cybercrime scene
The IT threat situation will continue to worsen in 2023. The reason for this is the increasing professionalization of the cybercrime scene. Cybercriminals are increasingly misusing permitted applications, such as administrator tools, or manipulating users using digital tricks. The lack of trained IT security specialists further exacerbates the situation. End users are now often unaware of the threats due to their diversity.
Cybercriminals are using new tools
In order to increase their profits, cybercriminals are using increasingly sophisticated and efficient methods. To do this, they are refining and changing their methods to infiltrate networks and using new tools for their attacks. Vulnerabilities in systems that are used across the board are therefore a major risk. This includes, for example, the Java vulnerability Log4Shell, which criminals used to gain access to company servers and which is still being exploited. This shows that a single gap is enough and attackers can compromise several hundred or even thousand companies at the same time. It is therefore important for administrators to always keep servers and end devices up to date with the latest software.
“A central problem for IT security in Germany is and remains that companies do not take warnings about vulnerabilities or security risks seriously. They continue to underestimate the real risk of a cyber attack to themselves and rely on the principle of hope.
Those responsible must act now, because in view of the tense economic situation, no company can afford losses in sales or operational failures that have their origin in an IT security incident.”
Andreas Lüning, co-founder and board member of G DATA CyberDefense
Rootkit Renaissance
Another attack route: Rootkits are again increasingly being used in attacks in which cybercriminals combine different malicious programs with each other. Rootkits can be used to hide malware from security solutions. This obscures criminal logins on the computer, as well as the files and processes associated with this process. Researchers have shown in a proof-of-concept study that attackers rootkits from GitHub , a platform for managing open source software, and incorporate these programs into their attack chains to infiltrate companies.
“The problem is that rootkits are not considered malware in the original sense and are therefore legally provided on GitHub. Such offers are particularly interesting for criminals with little IT knowledge, because programming rootkits is anything but trivial.”
Karsten Hahn, Lead Engineer Prevention, Detection and Response at G DATA CyberDefense
Without skilled workers, there is a lack of IT security
A major challenge particularly affects small and medium-sized companies: the lack of trained IT security specialists. The lack of know-how has a lasting impact on the IT security level. Medium-sized companies cannot close this gap on their own. Managed security services and employees trained in cyber threats offer a way out of this dilemma. It is important that companies act now. An attack on IT with possibly uncontrollable consequences can happen at any time.
Targeting end consumers: Target iPhone
Private smartphones remain an attractive target for attackers , not only because users use them for mobile banking, payment or as a digital key. In the future, attackers will increasingly target iPhones. The reason: iPhone users are considered to have more purchasing power and are therefore also more lucrative for attackers.
“The criminals particularly exploit vulnerabilities in the iOS operating system because this gives them root rights and thus complete control over the device. The current year has shown how serious the situation is, as Apple had to provide patches for critical gaps several times.”
Stefan Decker, mobile security expert at G DATA CyberDefense.
Users must therefore install patches and updates for their smartphone .
Social engineering: people in the crosshairs
As technological protection against malware has improved significantly, cybercriminals are constantly adapting their attack methods. Social engineering attacks can affect anyone and aim personal data or information from victims. Smartphones play a crucial role here: attackers are increasingly making contact with their potential victims via messenger services, such as Whatsapp or Telegram. Current fraud attempts show how real the danger is. Perpetrators have moved the grandchild trick into the digital space, so to speak as “grandchild trick 2.0”. Perpetrators pose as a family member in need and try to persuade their victim to transfer a large amount of money.
Anyone who receives an emergency call should – no matter how difficult it may be – keep a cool head, analyze the scenario and use another channel (e-mail or phone call) to check whether the emergency described has actually occurred.
source:
Press release
Also read our fact checks:
84 actors?
No, a bit player in a vaccination campaign! Ukrainian Justice Minister traveling in a stolen German car?
Video is not a vaccination campaign by the city of Vienna that glorifies violence.
Russian secret service kills STALKER cosplayer
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

