• About
  • Advertise
  • Careers
  • Contact Us
Sunday, June 22, 2025
  • Login
No Result
View All Result
NEWSLETTER
Tech | Business | Economy
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
ADVERTISEMENT
Home Business Security

Sophos 2023 Threat Report Details How Cyberthreat Landscape Reached a New Level of Commercialization

by Admin
November 21, 2022
in Security
0
Sophos 2023 Threat Report
UBA
Advertisements

Sophos, a global leader in innovating and delivering cybersecurity as a service, has published its 2023 Threat Report.

The report details how the cyberthreat landscape has reached a new level of commercialization and convenience for would-be attackers, with nearly all barriers to entry for committing cybercrime removed through the expansion of cybercrime-as-a-service.

The report also addresses how ransomware remains one of the greatest cybercrime threats to organizations with operators innovating their extortion tactics, as well as how demand for stolen credentials continues to grow.

Criminal underground marketplaces like Genesis have long made it possible to buy malware and malware deployment services (“malware-as-a-service”), as well as to sell stolen credentials and other data in bulk. Over the last decade, with the increasing popularity of ransomware, an entire “ransomware-as-a-service” economy sprung up. Now, in 2022, this “as-a-service” model has expanded, and nearly every aspect of the cybercrime toolkit—from initial infection to ways to avoid detection—is available for purchase.

Sean Gallagher Sophos
Advertisements
MTN ADS
Sean Gallagher, principal threat researcher, Sophos

“This isn’t just the usual fare, such as malware, scamming and phishing kits for sale,” said Sean Gallagher, principal threat researcher, Sophos. “Higher rung cybercriminals are now selling tools and capabilities that once were solely in the hands of some of the most sophisticated attackers as services to other actors. For example, this past year, we saw advertisements for OPSEC-as-a-service where the sellers offered to help attackers hide Cobalt Strike infections, and we saw scanning-a-service, which gives buyers access to legitimate commercial tools like Metasploit, so that they can find and then exploit vulnerabilities. The commoditization of nearly every component of cybercrime is impacting the threat landscape and opening up opportunities for any type of attacker with any type of skill level.”

With the expansion of the “as-a-service” economy, underground cybercriminal marketplaces are also becoming increasingly commodified and are operating like mainstream businesses. Cybercrime sellers are not just advertising their services but are also listing job offers to recruit attackers with distinct skills. Some marketplaces now have dedicated help-wanted pages and recruiting staff, while job seekers are posting summaries of their skills and qualifications.

“Early ransomware operators were rather limited in how much they could do because their operations were centralized; group members were carrying out every aspect of an attack. But as ransomware became hugely profitable, they looked for ways to scale their productions. So, they began outsourcing parts of their operations, creating an entire infrastructure to support ransomware. Now, other cybercriminals have taken a cue from the success of this infrastructure and are following suit,” said Gallagher.

Indeed, as the cybercrime infrastructure has expanded, ransomware has remained highly popular—and highly profitable. Over the past year, ransomware operators have worked on expanding their potential attack service by targeting platforms other than Windows while also adopting new languages like Rust and Go to avoid detection. Some groups, most notably Lockbit 3.0, have been diversifying their operations and creating more “innovative” ways to extort victims.

Sophos 2023 Threat Report

“When we talk about the growing sophistication of the criminal underground, this extends to the world of ransomware. For example, Lockbit 3.0 is now offering bug bounty programs for its malware and ‘crowd-sourcing’ ideas to improve its operations from the criminal community. Other groups have moved to a ‘subscription model’ for access to their leak data and others are auctioning it off. Ransomware has become, first and foremost, a business,” said Gallagher.

The evolving economics of the underground has not only incentivized the growth of ransomware and the “as-a-service” industry, but also increased the demand for credential theft. With the expansion of web services, various types of credentials, especially cookies, can be used in numerous ways to gain a deeper foothold in networks, even bypassing MFA. Credential theft also remains one of the easiest ways for novice criminals to gain access to underground marketplaces and begin their “career.”

Sophos also analyzed the following trends:

  • The war in Ukraine had global repercussions for the cyberthreat landscape. Immediately following the invasion, there was an explosion of financially motivated scams, while nationalism led to a shake-up of criminal alliances between Ukrainians and Russians, particularly among ransomware affiliates.

 

  • Criminals continue to exploit legitimate executables and utilize “living off the land binaries” (LOLBins) to launch various types of attacks, including ransomware. In some cases, attackers deploy legitimate but vulnerable system drivers in “bring your own driver”attacks to attempt to shut down endpoint detection and response products to evade detection.

 

Sophos 2023 Threat Report

  • Mobile devices are now at the center of new types of cybercrimes. Not only are attackers still using fake applications to deliver malware injectors, spyware and banking-associated malware, but newer forms of cyberfraud have been growing in popularity, such as “pig butchering”schemes. And this crime is no longer just affecting Android users, but iOS users as well.

 

  • The devaluation of Monero, one of the most popular cryptocurrencies for cryptominers, led to a decrease in one of the oldest and most popular types of cryptocrime—cryptomining. But mining malware continues to spread through automated “bots” on both Windows and Linux systems.

To learn more about the changing threat landscape in 2022 and what it means for security teams in 2023, read the full Sophos 2023 Threat Report.

The Sophos 2023 Threat Report consists of research and insights from Sophos X-Ops, a new, cross-operational unit that links three established teams of cybersecurity experts at Sophos (SophosLabs, Sophos SecOps, and Sophos AI).

Sophos X-Ops includes more than 500 cybersecurity experts worldwide uniquely equipped to offer a complete, multi-disciplinary picture of an increasingly complex threat landscape.

To learn more about daily cyberattacks and TTPs, follow Sophos X-Ops on Twitter and subscribe to receive current threat research and security operations articles and reports from the frontlines of cybersecurity.  

Loading

Author

  • Admin

    TechEconomy is a Distinct News Media That Focuses on BUSINESSES, PEOPLE, PLATFORMS, INSTITUTIONS

    View all posts
0Shares
Tags: SophosSophos X-OpsSophosLabs
Admin

Admin

TechEconomy is a Distinct News Media That Focuses on BUSINESSES, PEOPLE, PLATFORMS, INSTITUTIONS

Next Post
OSSD - Tinuade Olufolabi, Principal, Maple Canadian College

Maple Canadian College Leveraging OSSD Solution to Deliver Quality Education, says Tinuade Olufolabi

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended

Over 30,000 Nigerian Students Benefit from New Student Loan Scheme

Over 30,000 Nigerian Students Benefit from New Student Loan Scheme

1 year ago

Driving Marketing in the Digital Era: Lessons from Eskimi CMO Masterclass in Nigeria

3 years ago

Popular News

    Connect with us

    • About
    • Advertise
    • Careers
    • Contact Us

    © 2025 TECHECONOMY.

    No Result
    View All Result
    • News
    • Tech
      • DisruptiveTECH
      • ConsumerTech
      • How To
      • TechTAINMENT
    • Business
      • Telecoms
      • Mobility
      • Environment
      • Travel
      • StartUPs
        • Chidiverse
      • TE Insights
      • Security
    • Partners
    • Economy
      • Finance
      • Fintech
      • Digital Assets
      • Personal Finance
      • Insurance
    • Features
      • IndustryINFLUENCERS
      • Guest Writer
      • EventDIARY
      • Editorial
      • Appointment
    • TECHECONOMY TV
    • Apply
    • TBS
    • BusinesSENSE For SMEs

    © 2025 TECHECONOMY.

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In
    Translate »
    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.