by Florian Skopik (AIT Austrian Institute of Technology) and Kyriakos Stefanidis (ISI)
Cybercrime has grown to a profitable multi-billion-dollar business. The number of reported criminal offences is continuously rising every year. The reasons for this development are the ever-increasing dependency on IT technology for almost every business, the opportunity for attackers to operate in the dark, and the continuously growing attack surface. With the adoption of new computing paradigms, such as cloud computing and the Internet of Things, not only new opportunities for legitimate businesses arise, but also new ways for criminals to make profit or to attack and de-stabilise a country’s economy or society. In recent years, we have witnessed the rise of ransomware attacks on a large scale, Distributed Denial of Service (DDoS) attacks with high volumes that have never been observed before, and data leaks that massively harmed global businesses. Besides stealing business-critical data, harming or blackmailing individuals or organisations, large-scale attacks on critical infrastructures of a region or nation-state have become a severe threat. Some examples are the recent attacks on the US-East-Coast Colonial Pipeline, one of the largest US pipeline operators, and the use of cybersecurity attacks on Ukrainian infrastructures. Finally, the ever-growing de-stabilising disinformation campaigns and cyberwar practices in general are increasingly shaping social and political conflicts. Thousands of high-impact attacks have already demonstrated the vulnerability of complex interconnected systems.