EUROPOL INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2018

On 15th September, Europol published this report which aims to provide a comprehensive overview of the current, as well as anticipated future threats and trends of crimes conducted and/or facilitated online.  Its key findings include –

  • Ransomware remains the key malware threat in both law enforcement and industry reporting;
  • Cryptomining malware is expected to become a regular, low-risk revenue stream for cybercriminals. The use of exploit kits (EK) as a means of infection continues to decline, with spam, social engineering and newer methods such as Remote Desktop Protocol (RDP) brute-forcing coming to the fore;
  • New legislation relating to data breaches will likely lead to greater reporting of breaches to law enforcement and increasing cases of cyber-extortion;
  • Payment Fraud – the threat from skimming continues and shall do as long as payment cards with magnetic stripes continue to be used; the abuse of PoS terminals is taking on new forms: from manipulation of devices to the fraudulent acquisition of new terminals; and telecommunications fraud is a well-established crime but a new challenge for law enforcement.
  • The Darknet market ecosystem is extremely unstable. While law enforcement shut down 3 major marketplaces in 2017, at least 9 more closed either spontaneously or as a result of their administrators absconding with the market’s stored funds; and the almost inevitable closure of large, global Darknet marketplaces has led to an increase in the number of smaller vendor shops and secondary markets catering to specific language groups or nationalities.
  • Islamic State (IS) continues to use the internet to spread propaganda and to inspire acts of terrorism – law enforcement and industry action has pushed IS sympathisers into using encrypted messaging apps which offer private and closed chat groups, the dark web, or other platforms which are less able or willing to disrupt their activity. While IS sympathisers have demonstrated their willingness to buy cyber-attack tools and services from the digital underground, their own internal capability appears limited.
  • West African and other fraudsters have evolved to adopt emerging fraud techniques, including those with more sophisticated, technical aspects, such as business email compromise.
  • Phishing continues to increase and remains the primary form of social engineering. Although only a small proportion of victims click on the bait, one successful attempt can be enough to compromise a whole organisation.
  • Many of the classic scams, such as technical support scams, advanced fee fraud and romance scams still result in a considerable number of victims.
  • Cyber-attacks which historically targeted traditional financial instruments are now targeting businesses and users of cryptocurrencies.
  • While Bitcoin’s share of the cryptocurrency market is shrinking, it still remains the predominant cryptocurrency encountered in cybercrime investigations.
  • A combination of legislative and technological developments, such as 5G and the redaction of WHOIS, will significantly inhibit the attribution and location of suspects for law enforcements and security researchers.

https://www.europol.europa.eu/sites/default/files/documents/iocta_2018.pdf

 

Author: raytodd2017

Chartered Legal Executive and former senior manager with Isle of Man Customs and Excise, where I was (amongst other things) Sanctions Officer (for UN/EU sanctions), Export Licensing Officer and Manager of the Legal-Library & Collectorate Support Section

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s