In its latest report, Google asserts that cybercrime is increasingly becoming a strategic tool in the hands of nation-states. The company urges governments worldwide to recognize cyberattacks as a critical national security threat and to intensify efforts to combat them. The report outlines key recommendations aimed at countering the collaborative operations between cybercriminal syndicates and state-sponsored hacking groups.
Particular focus is placed on several nations, including China, Iran, and North Korea. According to Google, these countries leverage criminal organizations to execute state objectives, allowing them to mask their involvement, reduce operational costs, and gain access to sophisticated malicious tools without developing them in-house.
For instance, Iranian hackers deploy ransomware to fund intelligence operations, while Chinese cybercriminal groups engage in cybercrime as an additional revenue stream. The most striking example, however, is North Korea, where cyberattacks on cryptocurrency exchanges have become a primary source of national funding.
Google warns that without decisive governmental intervention and enhanced international cooperation, the problem will only escalate. Among the proposed measures are:
- Recognizing cybersecurity as a top national priority
- Creating incentives for the adoption of best security practices
- Actively dismantling the cybercrime ecosystem
Notably, Google advocates for targeting not only individual hacker groups but also the infrastructure that sustains their operations, such as bulletproof hosting services and cryptocurrency platforms facilitating money laundering.
Despite efforts by law enforcement agencies, the scale of the problem remains vast. The report highlights that even after the high-profile takedowns of LockBit and ALPHV, the vacuum was rapidly filled by new actors. Data leak platforms have nearly doubled their activity over the past two years, while attacks on critical infrastructure continue to surge.
One of the most vulnerable sectors remains healthcare. According to Google, cyberattacks on medical institutions in 2023 led to the shutdown of hundreds of facilities, the postponement of thousands of surgeries, and the exposure of vast amounts of patient data. Among the hardest hit were Change Healthcare, Romanian hospitals, the Ascension health network, and the British provider Synnovis. Cybercriminals exploit the inability of healthcare providers to afford prolonged downtime, with groups like Qilin explicitly stating their intent to target the medical sector due to its high profitability.
Google calls on global policymakers to acknowledge an alarming reality: cybercrime has evolved into a threat as severe as operations conducted by national intelligence agencies. As evidence, the report cites FBI data, revealing that BEC (Business Email Compromise) fraud alone has resulted in approximately $55 billion in losses over the past decade. Financial motivation remains the primary driving force behind cyber threats, and the expanding criminal ecosystem continues to make the fight against hackers increasingly complex.
