The Cybercrime Supply Chain 2024, a collaborative report by M3AAWG, Interisle Consulting Group, CAUCE, and APWG, analyses over 16 million cybercrime events, showing a 54% surge from the previous year. Released on November 18, 2024, the study highlights the growing sophistication and scale of cybercrime, with malware, spam, phishing, and domain abuse dominating the findings.
Cybercriminals increasingly rely on bulk domain registrations, subdomain abuse, and new generic top-level domains (gTLDs), which were linked to 37% of cybercrime domains despite their small overall market share. The report also reveals a sharp increase in IPv4 addresses tied to cybercrime, particularly in China and India, while the United States remains a significant contributor.
The study provides six strategic recommendations to counter these trends. These include stricter controls on domain registrations, limiting subdomain availability, automating suspicious activity detection, and fostering collaboration between stakeholders. By disrupting the cybercriminal supply chain, the profitability of these activities can be diminished, reducing their global impact, which is estimated at nearly $10 trillion in damages annually.
M3AAWG and its partners are committed to tackling these systemic issues, leveraging findings like those in this report to drive meaningful change across the industry.
Access the full report for more insights: Cybercrime Supply Chain 2024.
