Today, cybercrime-as-a-service is a lucrative and growing business model among criminals. Ransomware is still a massive threat to organizations. Demand for stolen credentials continues to grow. These are among the findings of the Sophos\u2019 2023 Threat Report, which details how the cyberthreat landscape has changed due to an easier barrier of entry for criminal hopefuls.Threat researchers with Sophos say the expansion is due to the commoditization of \u201cmalware-as-a-service\u201d and the sale of stolen credentials and other sensitive data. Today, nearly every aspect of the cybercrime toolkit \u2014 from initial infection to ways to avoid detection \u2014 is available for purchase on the dark web, say researchers. This thriving business selling what once would have been considered \u201cadvanced persistent threat\u201d tools and tactics means any would-be criminal can buy their way into exploitation for profit.\u201cThis isn\u2019t just the usual fare, such as malware, scamming, and phishing kits for sale,\u201d said Sean Gallagher, principal threat researcher at Sophos. \u201cHigher rung cybercriminals are now selling tools and capabilities that once were solely in the hands of some of the most sophisticated attackers as services to other actors.\u201dAs in previous years, one of the more popular as-a-service malware kits is ransomware \u2013 which has exploded in popularity among threat actors. Tool kits are now easy to obtain and prove to be highly profitable for criminals. The report also finds ransomware operators are broadening their attack targets to include platforms beyond Windows and are using programming languages like Rust and Go to evade detection. Some groups, such as Lockbit 3.0, are even diversifying their operations and using more sophisticated methods to extort victims.The growth of ransomware and as-a-service malware has also led to an increased\u00a0demand for credential theft. Credential theft is still a common method for novice criminals to gain access to underground marketplaces and start their criminal activities. As black market web services have grown, various types of credentials, particularly cookies, can be exploited in a variety of ways to gain greater access to networks, even bypassing multi-factor authentication (MFA).Look to Managed Detection and Response (MDR) for Defense As the criminal community widens due to the continuous lowering of barriers to entry for would-be cybercriminals and the commodification of hacking tools, it is critical for organizations to have the tools and strategies in place to detect and neutralize attacks. This becomes a more difficult struggle the longer action is delayed, as bad actors continue to find more intelligent exploit tactics, seeming to always stay a step ahead of IT leaders.Many IT leaders are turning to Managed Detection and Response (MDR) services to mitigate this struggle. Highly trained MDR defenders can discover and intercept attacks early before targets become the victim of a data breach, ransomware or other compromise, and should be a key component in an organization\u2019s threat defense arsenal.MDR services offer round-the-clock threat hunting and broaden visibility for better, faster detection and response in an increasingly challenging threat landscape.For more information on Sophos\u2019 MDR solutions, visit https:\/\/www.sophos.com\/en-us\/products\/managed-detection-and-response.