The recently released Internet Organised Crime Threat Assessment (IOCTA) 2016 – the annual presentation on the current cybercrime threat landscape from Europol’s European Cybercrime Centre (EC3) – confirms that cyber crime continues to pose a significant threat across Europe, with the number of recorded cyber crime offences surpassing those associated with traditional crimes in some EU member states.
As Europol Director Rob Wainwright says: “The relentless growth of cybercrime remains a real and significant threat to our collective security in Europe. Europol is concerned about how an expanding cybercriminal community has been able to further exploit our increasing dependence on technology and the Internet.”
The report identifies eight cybercrime trends:
The digital underground is underpinned by the Crime-as-a-Service business model, which provides cyber criminals with access to the tools and services they need to conduct attacks, as well as an environment in which they can teach, learn, advertise, buy and sell. Thanks to darknet forums, secure email and other convenient online communication methods, providers of cyber crime tools and services are now in direct contact with an increasing number of fraudsters, organised crime groups and, potentially, terrorists.
Among the different malware variants available, ransomware – or cryptoware, to be more precise – has become the dominant threat. While more ‘commercial’ data-stealing malware typically still targets desktop Windows users, ransomware is more indiscriminate: its targets range from individual users’ devices to large organisations and even governments.
- The criminal use of data
Data represents a goldmine for cyber criminals. Apart from providing quick and easy financial gain from its sale on the darknet, it can also be used to facilitate more complex scams, from ransomware attacks to direct extortion.
- Payment fraud
As well as logical and malware attacks targeting ATMs, card-not-present (CNP) payment fraud is escalating, and now accounts for 66% of total card fraud value. The purchase of goods, accommodation, car rentals and airline tickets have all seen an increase in CNP fraud throughout the EU. Moreover, new types of payment fraud involving contactless (NFC) cards have been identified.
- Online child sexual abuse
Child abuse material shared on the net has escalated with the increased use of encrypted sharing platforms and anonymous payment systems. There has also been a marked increase in the live streaming of child abuse.
- Abuse of the darknet
Despite a number of exit scams and market closures, as well as the success of Operation Onymous in shutting down a number of hidden services, the darknet remains the favourite market place of cyber criminals involved in illicit activities. Moreover, it’s the go-to place for extremist groups to find cyber crime tools and resources.
- Social engineering
The report identified an increase in phishing scams focused on high-value targets – also known as whaling or CEO fraud. You can read more about this type of fraud in this blog.
- Virtual currencies
Bitcoin is still the preferred currency for criminal-to-criminal (C2C) payments, as it ensures a high level of anonymity. It is also becoming the favoured currency for extortion payments following ransomware or DDoS attacks.
Combatting cyber crime
The IOCTA notes that “the majority of reported attacks are neither sophisticated nor advanced” and mostly work “because of a lack of digital hygiene, a lack of security by design and a lack of user awareness”.
Discover how you can protect your company and improve its cyber security with these free green papers, written by our experts:
|Assured Security: Getting cyber secure with penetration testing||Don’t Risk It – Cyber Secure It With ISO 27001|
|PCI Audit Success in Nine Essential Steps||Cyber Essentials for SMEs|
More free papers can be found here.