Google has released a new report claiming that cybercrime is increasingly being used as a tool by states, posing a threat to national security. The company is urging authorities around the world to recognize cyber attacks as a national security threat and to enhance measures to combat them. The report offers key recommendations for combating cybercriminals who are sponsored by state hackers.
The report highlights several countries, including China, Iran, and North Korea, which Google says use criminal groups to carry out their objectives. This tactic allows these countries to conceal their involvement, reduce costs, and gain access to malicious tools without having to develop them.
For instance, Iranian hackers use ransomware to finance intelligence activities, while Chinese groups engage in cybercrime for additional income. North Korea, on the other hand, relies on cyber attacks on cryptocurrencies as a primary source of funding for the country.
Google stresses that without active government intervention and international cooperation, the cybercrime problem will only worsen. Suggestions include prioritizing cybersecurity, incentivizing the adoption of best protection practices, and actively dismantling the cybercrime ecosystem. This involves not only targeting specific groups but also the infrastructure that supports their activities, such as bulletproof hosting services and cryptocurrency platforms used for money laundering.
Despite law enforcement efforts, cybercrime remains a significant issue. The report reveals that even after high-profile takedowns of cybercriminal groups like Lockbit and Alpha, new players quickly emerge in the market. Platforms for data leaks have doubled their activity in the past two years, and attacks on critical infrastructure are on the rise.
One particularly vulnerable sector is healthcare, with Google reporting that attacks on medical institutions in 2023 resulted in the shutdown of hundreds of facilities, thousands of postponed surgeries, and the exposure of patients’ personal data. Healthcare providers such as Change Healthcare, hospitals in Romania, Ascension, and the British Synnovis provider have been heavily impacted. Criminals are taking advantage of healthcare workers’ inability to afford prolonged downtime. The QILIN group has openly declared its intent to target the medical sector due to its profitability.
Google is calling on legislators worldwide to acknowledge the severity of the situation, stating that cybercrime now poses a threat on par with attacks from national intelligence services. FBI data shows that losses from business email compromise scams alone amounted to around $55 billion over a decade. Financial gain remains a primary motivator for cybercriminals, and the expanding criminal ecosystems are making it increasingly challenging to combat hackers.