He also added that in 2023, analysts recorded an unprecedented increase in the number of cyber attacks by ransomware (+160%), the activity of cyber spies, saboteurs and hacktivists (+116%), and continued leaks of databases from companies (246 exposed databases).
It is noted that the most common vector of attacks on companies remains the sending of phishing emails containing malware.
“This method can be used by both pro-government spy groups and financially motivated cybercriminals. In 2023, malicious letters were sent under the guise of an encrypted archive with the results of a fake tender, fake subpoenas, and letters from investigators,” the expert explained.
In addition, according to him, it is now possible to confirm the trend of cybercriminals using well-prepared, well-written phishing bait letters, where malware from a wide family of stealers is used as a malicious payload.
“This is malicious software designed to steal credentials from the attacked device. We are seeing that stealer families are actively expanding. Today, shadow resources host a large number of offers for the sale or rental of these malicious programs,” the RT interlocutor emphasized.
In addition, there are cases when attackers use special stealers in their mailings, adapted to the attackers’ specific goals. They can operate in all popular PC operating systems - Windows, Linux, MacOs, the specialist explained.
“There are also stealers designed to steal data from mobile operating systems. In 2024, we will see an increase in the number of families of malware designed for Linux and MacOs,” concluded Kargalev.
It was previously reported that scientists from the Competence Center of the National Technology Initiative (NTI) for technologies for storing and analyzing big data at Moscow State University have developed a solution for testing the resistance of AI systems to cyber attacks.