Google Threat Intelligence Group has released a new report ahead of the Munich Security Conference, warning about the escalating threat of cybercrime to national security. The report urges policymakers to treat cybercriminal activities with the same level of urgency as those carried out by nation-states, noting the growing overlap between the two.
The findings reveal that several governments are now enlisting cybercriminal groups and their tactics to advance geopolitical and economic objectives. Cybercrime has evolved beyond a tool for financial gain, becoming a powerful instrument for state-backed espionage and disruption. The consequences of these actions extend well beyond financial losses, threatening critical infrastructure and undermining public trust in governments’ ability to safeguard their citizens.
The report highlights four key players—Russia, China, Iran, and North Korea—who have incorporated cybercrime into their strategic operations. Russia has leveraged cybercriminal networks to support espionage and disruptive actions in Ukraine, tapping into established tools and expertise. China, on the other hand, has blurred the lines between financial cybercrime and intelligence gathering, with groups like APT41 combining ransomware attacks with espionage. Meanwhile, Iran, facing economic pressures, has turned to ransomware and hack-and-leak operations as a means of generating revenue. North Korea, in a similar vein, has resorted to cryptocurrency heists to fund its missile and nuclear programs, all while evading international sanctions.
Beyond its state-backed dimension, the report highlights the broader societal cost of cybercrime. As an escalating international security threat, cybercrime is not only a financial burden but also a profound social and economic challenge. The increasing sophistication and frequency of cyberattacks has already caused devastating consequences for critical infrastructure, particularly in the healthcare sector, where the impact is felt most acutely.
One notable example is the impact of ransomware attacks on hospitals, where financially motivated cyberattacks can disrupt patient care as severely as state-backed operations. These attacks have led to system-wide shutdowns, delaying emergency procedures, interrupting medication distribution, and, in some cases, increasing patient mortality rates. This highlights the devastating consequences of cybercrime, which extends well beyond financial losses to directly threaten public health and safety.
Over the past three years, healthcare-related data leaks have doubled, making hospitals an increasingly attractive target for cybercriminals. A recent study found that ransomware attacks were associated with a 35-41% increase in in-hospital mortality rates, highlighting that these incidents go beyond financial losses—they directly threaten lives. Despite this growing crisis, cybercrime continues to receive less attention than state-sponsored threats, underscoring the urgent need for stronger global cooperation to combat cybercriminal networks and safeguard essential public services.
Similarly, cyberattacks on power grids and infrastructure can leave entire communities vulnerable, with consequences that extend far beyond financial losses. These threats not only disrupt essential services but also pose serious risks to public trust and national stability, undermining the very foundation of societal security.
The Google report underscores the urgent need to treat cybercrime with the same level of commitment and coordination as nation-state threats. As cybercrime and state-sponsored hacking increasingly overlap, it becomes clear that a stronger, more unified international response is essential. Without greater cooperation among nations, the cybercrime ecosystem will continue to thrive, fueling geopolitical conflicts and eroding global cohesion.
“The vast cybercriminal ecosystem has served as an accelerant for state-sponsored hacking, supplying malware, vulnerabilities, and, in some cases, full-spectrum operations to states. These capabilities can be more cost-effective and deniable than those developed directly by a state,” says Ben Read, Senior Manager at Google Threat Intelligence Group. “These threats have been viewed as separate for too long, but the reality is that combating cybercrime will strengthen defenses against state-backed attacks.”
Sandra Joyce, Vice President at Google Threat Intelligence, warns that cybercrime has evolved into a persistent national security challenge. She stresses that the cybercriminal marketplace is highly resilient, making it difficult to disrupt. “Cybercrime has undeniably become a critical national security threat worldwide. Unfortunately, many of our efforts have only resulted in temporary setbacks for these criminals. We can’t treat this as a nuisance—we must work harder to create meaningful impacts.”
The report serves as a critical wake-up call for both governments and cybersecurity professionals. Without urgent, coordinated efforts, cybercrime will continue to pose a serious threat to national and global security, with far-reaching consequences that go well beyond financial damage, threatening stability, infrastructure, and public safety.
Editor’s note: This article is a summary of Google’s news report, initially written by ChatGPT 4o and edited by Dain Oh.
