Cybercrimes have been a rising issue for law enforcement in recent years as small independent cells and state-sponsored groups have attacked public and private sector organizations for ransoms and espionage purposes.
Earlier this week, American and British authorities handed down indictments against members of a hacking group identified as Advanced Persistent Threat 31, which is believed to be sponsored by the Chinese government, per Reuters. The group is accused of hacking government officials, political organizations, and defense contractors.
Deputy U.S. Attorney General Lisa Monaco said in a statement that the group’s goals have been to repress critics of the Chinese government, compromise U.S. institutions, and steal trade secrets, as reported by Reuters. The group was funded through a front company operating as a Ministry of State Security office.
“Today’s announcement exposes China’s continuous and brash efforts to undermine our nation’s cybersecurity and target Americans and our innovation,” FBI Director Christopher Wray said in a statement.
China has denied the allegations it funded the group and called statements by U.S. and U.K. officials “slanderous.”
“We urge the U.S. side to immediately correct its erroneous actions and cease its slanderous smears relating to internet security,” the statement from China’s Foreign Ministry read, per CNBC.
Statista reported that the most common target of cyber attackers has been critical infrastructure. Such attacks can serve several purposes, including sowing public fear, creating chaos, and engaging in espionage. Using data from the European Repository of Cyber Incidents, Statista claimed that in 2023, there were 500 reported attacks on infrastructure. As of March 26, 89 incidents have been reported this year.
“The threat is growing — cyber attacks on critical infrastructure have risen 70% in recent years,” Jeanette Hanna-Ruiz, former chief information security officer of NASA, revealed at a Financial Times event.
Frequently, hackers can access critical infrastructure through third-party companies. The interconnected nature of infrastructure allows hackers to access numerous systems quickly, as happened with the SolarWinds attack reported on by The Dallas Express.
State institutions and political organizations are the second-most frequent targets. In 2023, cyberattacks against political organizations rose dramatically, as reported by State Scoop. Data from the Center for Internet Security (CIS) reported an increase of 148% in malware attacks and a 313% increase in endpoint security services incidents in the first eight months of 2023 over the same period the year prior. There were 376 attacks against political organizations in 2023, and there have already been 82 attacks this year. That number is likely to climb as the 2024 presidential election draws closer.
Education, corporate business, and media institutions round out the top categories of targets of cyber criminals. Attacks against these targets were fewer, with just 83 incidents against schools, 113 against corporations, and 29 against media groups last year. All other sectors accounted for just 63 attacks in 2023.
“An organization may have a process in place to address vulnerabilities, and there may be response or recovery plans in place, but these various activities may not have been formalized or tested consistently,” CIS’s Multi-State Information Sharing and Analysis Center team said, per State Scoop.
