Google’s Threat Intelligence report says cybercrime worse than everHealthcare is yet again a top target for cyberattacks Nation-state actors are using cybercrime to raise money
Despite widespread coverage of cyberattacks from the ‘Big Four’, Russia, China, Iran, and the Democratic People’s Republic of Korea (North Korea) – Google’s Threat Intelligence Group Cybercrime Report reveals almost four times more intrusions were conducted by financially motivated actors in 2024 than state-backed attackers.
The report outlines the company’s Mandiant arm’s threat responses in 2024, and reveals it’s not just national security threats countries should be worried about. Any attack on critical infrastructure, no matter who’s behind it, can have devastating effects on people’s lives;
“When power grids are disrupted, entire communities are left vulnerable. The effects of cybercrime extend far beyond stolen money or data breaches; they erode public trust, destabilise essential services, and, in the most severe cases, cost lives,” the report explains.
Healthcare still top target
It will come as no surprise to many that healthcare providers are still an incredibly attractive target for cybercriminals considering the vast amount of sensitive data they hold, as well as the critical nature of their services, meaning that any outage can be catastrophic.
In fact, the report shows a 50% increase in healthcare’s share of posts on data leak sites – and whether this is a criminal looking for financial gain, or nation-backed actor looking to disrupt critical infrastructure, the effect on patients is the same;
“Sensitive data stolen from an organization and posted on a data leak site can be exploited by an adversary in the same way data exfiltrated in an espionage operation can be,” the report notes.
Each actor’s playbooks are different, but Google’s report does suggest that each of the ‘Big Four’ are supplementing their income as part of their attacks, primarily deploying ransomware or malware to raise funds.
This has been observed many times, with North Korea’s Lazarus group launching large scale cyberattacks, which researchers suggest is part of an operation aimed at helping to fund state apparatus.
You might also like
Take a look at our pick of the best malware removal software aroundCheck out our recommendations for the best antivirus softwareHackers offer 20 million OpenAI credentials for sale, but it says there’s no evidence of a breach