The revelation comes at a time when South Africa is witnessing consistent complexities in its cybersecurity threat landscape. 

The revelations were made in Trend Micro’s 2023 Midyear Cybersecurity Threat Report, which presents findings gleaned from in-depth telemetry involving millions of business and consumer clients. The research sheds light on both threat actor actions and new trends in criminal tactics, providing security defenders working to outwit crafty cybercriminals with useful advice.

The Developments Made in Ransomware 

In the first half of 2023, Trend Micro was able to block around 15 million malware families, with ransomware posing a significant threat to regional organizations. Notably, only in June were around 2,500 ransomware detections reported. The Midyear Report digs deeply into the evolving strategies used by ransomware groups, including how they have modified tools and methods for more effective data extraction and how their revenue models have changed.

One of the risks arises from the newly discovered ‘Mimic’ ransomware, which cleverly deploys legit search engine tools to locate files for encryption. Apparently, Mimic has certain links with the notorious Conti ransomware group, further indicating the cooperation between these criminal organizations for the sake of lowering costs, expanding their market reach, and engaging in ongoing criminal activity. The report also highlights a change in ransomware groups' priorities, with a specific focus on data exfiltration involving bitcoin theft and corporate email compromise (BEC). 

AI’s Influence on Cybercrime Activities 

Another trend that came to light in 2023 is the growing use of AI by threat actors in conducting cybercrimes. On one hand, South African companies are adopting AI technologies to up their game, and threat actors are also embracing high-end technologies to design more complicated cyber scams. These scams may include virtual kidnapping, where it may use AI for deepfake voice generation to force the victims into paying the ransom amounts.

Additionally, AI tools like ChatGPT have given cybercriminals the ability to automate data collection, create target groups, and recognize weak behaviours, making it simpler to launch harpoon-whaling attacks. These attacks entail the deceptive targeting of executives via emails that are highly tailored, urgently written, and contain details specific to the target. The effort needed to target CEOs has been greatly decreased thanks to the usage of AI, making it simpler to shoot for a big target.

Innovations Expending Threat Risk

Threat actors are continually looking for new ways to attack people as advancements progress. Attackers want to gain access to user account data to enable crimes with the rise of linked cars. Cybercriminals may identify and break into vehicles for theft or other illegal acts after hijacking accounts or acquiring credentials through phishing or malware; they may even target the owner's home location for a break-in while they are away.

The reason behind threat actors’ interest in South Africa is the increased uptake of smart home networks (SHN). Trend Micro found more than 1.5 million inbound SHN attacks in the nation during the first half of 2023. Smaller platforms, such as file transfer services like MOVEit, business communications software like 3CX, and print management software options like PaperCut, have become more vulnerable as a result of these attacks.

Zaheer Ebrahim, Solutions Architect for the Middle East and Africa at Trend Micro further highlights that the unending complexities now seen in hacker tactics pose a severe threat to local businesses. Given the constantly changing world of digital security, he emphasizes the significance of identifying potential risks and threats in order to make wise decisions and proactively build cybersecurity defences.