Cybercriminals refocusing their activities outside the US: Moody’s

Cybercriminals are likely to shift the focus of their attacks to targets outside the US, Moody’s said, as the US is increasing pressure on cybercriminals.

US sanctions have deterred payments to certain ransomware gangs operating from Russia, North Korea and Iran, and led to the shuttering of cryptocurrency platforms that facilitate illicit transactions. Arrests and cryptocurrency seizures have also taken place.

Data from RMS show that the global share of ransomware attacks in North America fell from 65% to 46% from 2020 to 2022. The share of attacks in other regions, meanwhile, is rising.

Moody’s said this shift is likely to be credit positive for US issuers experiencing a relative reprieve from attacks but negative for issuers in regions with an uptick in ransomware incidents. 

The type of attack is also changing. Moody’s believes that passwordless technologies will eventually allow organizations to almost eliminate successful phishing attacks, though adoption is likely to be slow. 

Meanwhile, hacktivism will intensify and deepfake-enabled fraud will rise. Hacktivism largely disappeared for half a decade, but has returned with greater technical sophistication and state support, raising the level of threat. Deepfake attacks are also evolving, and fraudsters will use the technology to make their scams more convincing.

However, with insurance capacity limited, demand for cyber coverage will outweigh supply.