Cybercriminals have improved their hacking methods and are deploying more sophisticated techniques, ensuring that cybercrime “remains a real and significant threat,” says Europol Director Rob Wainwright.
Based on input from EU countries and security experts, the 2016 Internet Organized Crime Threat Assessment (IOCTA) discusses the cybercrime threat landscape in terms of key developments and emerging threats related to the top areas of cybercrime: cyber-attacks, child sexual exploitation online and payment fraud.
Eight cybercrime trends have been identified in the report: crime-as-a-service, ransomware, the criminal use of data, payment fraud, online child sexual abuse, abuse of the Darknet, social engineering and virtual currencies (Bitcoin). Bitcoin remains a preference because police can’t trace these transactions.
“The additional increase in volume, scope and financial damage combined with the asymmetric risk that characterizes cybercrime has reached such a level that in some EU countries cybercrime may have surpassed traditional crime in terms of reporting,” identifies the report.
In the past year, research shows cybercriminals have infiltrated other crime segments, ranging from human trafficking to terrorism. Additionally “other cross-cutting issues, such as the growing misuse of legitimate anonymity and encryption services and tools for illegal purposes pose a serious impediment to detection, investigation and prosecution of criminals,” reads the study.
The top malware threats detected are spear phishing (hunting for CEOs), ransomware and banking Trojans. Although all have grown in popularity and are more common among attacks, ransomware remains a leading threat. Cryptoware (encrypting ransomware) is the most prevalent among both enterprises and private citizens. Following an increase in the number of Darknet forums encouraging the promotion of child sexual exploitation, the most common victims of social engineering and extortion are part of this segment.
Investigators confirm levels of fraud have increased across all sectors, as organized crime groups have learned to exploit NFC payments. DDoS attacks have also grown in popularity, while big data important to hackers in complex fraud schemes and extortion.
“Despite the increasing challenges, the last 12 months have demonstrated that a coordinated approach by EU law enforcement that includes all relevant partners can result in significant successes in the fight against cybercrime, including in the important areas of prevention and awareness,” Wainwright says. “I am confident that this will continue and improve in the years to come.”