The European Union’s law enforcement agency, Europol, has released its 2019 cybercrime report. It says cybercrime is “becoming more and more bold” with data as the main target and ransomware still the largest threat.
Cybercrime is also “shifting focus” to more profitable targets and new technologies. Though new technologies are not themselves creating a target, cybercriminals are looking for “vulnerabilities.” Cybercriminals are innovating when their attack models become unsuccessful or they can see a more profitable alternative. Europol says:
“Law enforcement must therefore not only focus on the potential impact of future technological developments in cybercrime, such as artificial intelligence but also approach cybercrime in a holistic sense, including prevention, awareness and increasing cyber education and resilience.”
Europol presented this year’s Internet Organised Crime Threat Assessment (IOCTA) at the Europol-INTERPOL Cybercrime Conference today, setting out its latest view of “emerging threats and key developments” in cybercrime and the battle against it.
Data security and consumer awareness are paramount
Cybercriminals are targeting data, which Europol says in its full report is a “key target, commodity and enabler for cybercrime.” It says that, after ransomware, the “compromise” of data is the second-most prominent cyber-threat European investigators face. It adds:
“This most frequently relates to the illegal acquisition of financial data, such as credit card information, online banking credentials or cryptocurrency wallets, through means such as phishing, data breaches and information gathering malware.”
For cybercriminals, such data is “monetisable” through its sale or direct use in fraud. As well as financial data, personal data, including login details, is at risk. This personal data is often used in other attacks:
“Criminals can use the data to facilitate other targeted cyberattacks such as spear phishing, CEO/BEC fraud, account takeover, business process compromise and other frauds, any of which could yield much more significant criminal profits.”
Supply chain risks and breaches expected to increase
Europol also notes that the threat from “malicious insider activity” is increasing. Another growing concern for the private sector is attacks “directed at them through the supply chain,” meaning breaches via third-party suppliers or vendors. Europol says:
“Large companies may have a multitude of third-party suppliers, some with which they have a high degree of connectivity, each bringing its own risk.”
Risks are “similarly” incurred when a company acquires another, perhaps smaller, company with “lower cybersecurity maturity.” Europol notes that this was the case with the recent Marriott hotel chain breach.
Though GDPR may be contributing to the data protection fight, it may be too early to tell the full impact and, says Europol, there is the question of whether companies will become complacent and “downscale their privacy programs.”
Ransomware the most prominent threat
Europol also details the cyber risks of DDoS attacks, website defacement, and cryptomining, and their latest findings on these types of attack. They expect supply chain risk to increase as well as attacks on the nascent cryptocurrency ecosystem. The biggest cyber threat though, despite a decline in attacks in 2018, is ransomware. Europol says:
“The number of victims is still high, and ransomware clearly and overwhelmingly retains its position as the top cyber threat faced by European cybercrime investigators, the second most prominent threat for the private sector, and one of the most common samples submitted to the Europol Malware Analysis Solution (EMAS).”
Investigators cited more than 25 “families” of ransomware types and have seen a shift to more targeted ransomware attacks:
“As long as ransomware provides a relatively easy income for cybercriminals, and continues to cause significant damage and financial losses, it is likely to remain the top cybercrime threat.”
Indeed, ransomware attacks can hit businesses incredibly hard. The key infection methods, as per this recent report, are phishing emails enabled by social engineering and remote desktop protocols. For the latter, patching software vulnerabilities and regularly updating software are essential.
Europol says cybercriminals’ shift to “more valuable targets” is shown by a move away from targeting individuals. There are “more attacks specifically engineered towards individual private and public sector entities.” It adds: “This is also a likely explanation for the apparent decline in the overall volume of attacks.” It says there have been cases where a company’s encrypted files have been ransomed by cyberattackers for more than a million euros.
In the report, the European Commissioner for the Security Union, Julian King, warns that cybercrime is an “evolving threat” in its own right but also a “tool of serious and organised crime.”
A holistic approach, training, and security awareness should be part of an overall cybersecurity strategy
Europol says that, as well as developing key tools to fight cybercrime and looking at the potential impact of developing technology, lawmakers must also take a holistic look at cybersecurity. At The Defence Works we agree. Though the fight against cybercrime must focus on effective cybersecurity technology and processes, it’s also very much about prevention, security awareness, and education.