If there is one thing that history has taught us about the evolution of cybercrime, it is that significant technological developments are a catalyst for dramatic shifts in criminal methods.
The evolution of cybercrime is marked by periods of rapid innovation followed by phases of consolidation. With artificial intelligence (AI) reshaping business operations, it's crucial to consider whether AI will spark a new era of cybercrime or simply enhance existing criminal efficiencies.
Historical Milestones in Cybercrime Organisation (circa 2005 onwards)
The advent of online forums and communities marked a turning point in cybercrime, fostering collaboration among criminals. This led to a more structured and rapid development of cyber attacks, with specialists in coding, money laundering, and other support services becoming integral to the cybercrime ecosystem.
Automation (circa 2010 onwards)
Cybercrime took a leap forward with the automation of illicit sales, including compromised system access, breached data, and stolen credit card information. Online criminal marketplaces emerged, streamlining the procurement process for fraudsters and cybercriminals.
Decentralised anonymity (circa 2011 onwards)
The proliferation of "Dark Web" technologies, such as the Tor network and cryptocurrencies like Bitcoin provided cybercriminals with the means to operate more anonymously. The Silk Road darknet market's emergence in 2011 exemplified this trend, with cybercriminals quickly establishing their own forums and ransomware services.
"As-a-service" models (circa 2018 onwards)
Cybercriminals adopted "as-a-service" business models to scale their operations. This approach provided infrastructure, such as malware, to affiliates, allowing the creators to profit from widespread distribution. Although arguably some cybercriminals had been using "as-a-service" models for some time before this, it was ransomware gangs like Revil and Lockbit who epitomised this model, contributing to the rise of ransomware as the dominant cybercrime threat.
The AI Factor in Cybercrime
AI's current capabilities are poised to enhance the efficiency and scope of cybercriminal activities, potentially accelerating the pace and expanding the scale of cybercrime. Anticipated threats include the refinement of existing tactics and an improved capacity for activities such as reconnaissance and social engineering.
Authorities like the FBI and the UK's National Cyber Security Centre (NCSC) have acknowledged AI's potential to bolster cybercriminal capabilities. A notable example occurred in May 2024 when Arup, a UK engineering firm, fell victim to an AI-assisted "deepfake" scam in Hong Kong, resulting in a significant financial loss.
AI is expected to lower the barrier to entry for less sophisticated threat actors by simplifying attack execution. The emergence of generative AI, similar to ChatGPT, could enable phishers to craft more convincing email campaigns, while AI tools could allow non-coders to exploit datasets more effectively.
Despite these concerns, the anticipated surge in cybercrime incidents due to AI has not materialised as quickly or dramatically as some predicted. This may be partly because AI is also being leveraged in cybercrime detection and prevention, equipping defenders with advanced tools to counteract these threats.
While AI undoubtedly presents new opportunities for cybercriminals, it also empowers cybersecurity professionals. The ongoing battle between cybercrime and cyber defence is entering a new phase, one where AI plays a pivotal role on both sides. As we brace for the impact of AI on cybercrime, it is imperative that we not only maintain vigilance but also proactively advance our defensive strategies. Businesses, cybersecurity experts, and policymakers must collaborate closely to develop robust AI-powered security measures, share knowledge, and foster a culture of continuous learning and adaptation. The time to fortify our digital ecosystems is now.