The Criminal Use of Technology in the UK – 2021 Report

Up to 88% of UK companies have suffered breach incidents in the last 12 months (Carbon Black). The NCA (National Crime Agency) have recently released their 2021 report that identifies and outlines some of the most prolific and dangerous criminal uses of technology seen over the last year. We’ve compiled all you need to know about the report and more insights into the threats these dangers have and still pose to business and personal online protection.

A report from cybersecurity firm ESET revealed that cybercrime in the UK in 2020 had risen by 19.1% compared to 2019. The exploitation of both new and technologies already established has allowed cyber actors to advance the sophistication of their attacks, allowing them to evade authorities more effectively. The increase in high-level attacks is not exclusive to the UK, however the nation has been struck particularly hard by this new wave of attacks as a result of the coronavirus epidemic and home-working affording cyber criminals more opportunity to exploit home networks, lack of awareness, and hastily adopted remote working setups.

The NCA has also found that cryptoassets, like Bitcoin and Dogecoin have been instrumental to allowing criminals to facilitate money laundering from victims of ransomware and financial theft. Consequently, heightened activity has been noticed on Dark Web marketplaces, often used for the sale of drugs, weapons and other illegal, untraceable purchases. Whilst the number of Dark Web marketplaces has declined, estimated revenues made by them circle around $1.6 billion, a 14% rise on the year before; this is due to the number of COVID-19 related items made available, such as fake vaccines and PPE.

Secure communications face an opponent growing in strength, as criminals have more and more over the last year adopted the use of CDSC devices (Criminally Dedicated Secure Communication). Easy to use secure messaging apps like WhatsApp have made it easier for online criminal groups to communicate with anonymity, and the recent changes made to WhatsApp end-to-end encryption that now sanctions the ability for messages to automatically disappear have presented numerous challenges to regulation and law enforcement bodies.

Alongside these aides, criminals have been leveraging the use of decentralised messaging applications, which allow for user anonymity, due to the fact the privacy-focused messaging function has no admin. It’s a network of users who manage the storage and delivery of their own communications; be it message or data. More often than not, this method has been a particular favourite for criminal actors in the delivery of cryptowallets.

The future of potential threat vectors

The NCA have brought to light the increased adoption of voice spoofing hard and software, which allows cybercriminals to manipulate their voice whilst making and receiving calls. Inevitably, the result of this could mean severe concern around a more sophisticated vector that will allow criminal actors to impersonate or manipulate voices. Long-term, this could present wider concern in high-profile, C-level, social engineering attempts.

Every day, one SME is successfully breached every 19 seconds, according to Hiscox. Around 65,000 attempts are made on SMEs in the UK every day. Given the nature of cybercrime faced by businesses today, it’s more important than ever that your business is on the front foot against persistent threat. In this day and age, simply installing an end-to-end encrypted messaging application cannot be relied upon for business communication and cannot guarantee network safety. Discover options that will give you the advanced level of protection needed for your remote workers here.