Given cybercriminals’ success with RaaS, we predict that a growing number of additional attack vectors will be made available as a service through the dark web. In addition to the sale of ransomware and other Malware-as-a-Service (MaaS) offerings, we’ll also start to see new criminal solutions and an increase in the sale of access to pre-compromised targets. CaaS could be an attractive business model for threat actors. We expect to see more turnkey, subscription-based offerings being made available to threat actors. This emerging model would allow cybercriminals of all skill levels to deploy more sophisticated attacks without investing the time and resources up front to craft their own unique plan. And for seasoned cybercriminals, creating and selling “as a service” attack portfolios offer a simple, quick, and repeatable payday. As a result, get ready for an expanded CaaS portfolio to emerge in 2023 and beyond. We also anticipate that threat actors will begin to leverage emerging attack vectors such as deepfakes, offering these videos and audio recordings and related algorithms more broadly for purchase. Beyond targeting high-profile celebrities and public officials, we expect threat actors to expand their purview to include influencers, particularly those with a strong digital presence. Casting a wider net like this offers cybercriminals more opportunities to impersonate others and lure unsuspecting fans into taking an action, such as “purchasing” a product that doesn’t actually exist.In addition to deepfakes, we predict that Reconnaissance-as-a-Service will increase in popularity. As attacks become more targeted, threat actors will likely hire “detectives” on the dark web to gather intelligence on a particular target before launching the attack. Like the insights one might gain from hiring a private investigator, Reconnaissance-as-a-Service offerings may serve up attack blueprints—to include an organization’s security schema, key security personnel, the number of servers they have, known external vulnerabilities, and even compromised credentials for sale, and more—to help a cybercriminal carry out a highly targeted and effective attack.
New Crime-as-a-Service Offerings