The Google Threat Intelligence Group is urging governments to treat financially motivated cybercrime as a national security threat, citing increasing overlaps between cybercriminals and state-backed actors, reports SecurityWeek.While state-sponsored hacking often draws more scrutiny, financially driven attacks are more prevalent, with Mandiant responding to nearly four times as many incidents in 2024. Some nations, including Iran and North Korea, direct their state-backed threat actors to obtain funding through cybercrimes, while groups like Sandworm, linked to Russian military intelligence, use criminal malware for espionage and disruptive operations.Notably, cybercriminal activities increasingly resemble hybrid warfare, with ransomware attacks on healthcare and utilities causing large-scale disruption. The UK’s National Health Service suffered lasting harm from a June 2024 attack, while Costa Rica declared a national emergency after ransomware disrupted government services in 2022. Given the blurred lines between financial and political motives, Google advocates for an international approach to tackling cybercrime. Recommendations include elevating cybercrime as a priority threat to national security, disrupting cybercriminal ecosystems, strengthening cybersecurity defenses, and enhancing international cooperation. While GTIG stops short of advocating government access to encrypted messaging, it calls for a more aggressive stance against cybercriminal infrastructure and financial enablers to mitigate global threats.
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.