Ransomware attacks are becoming more targeted and less opportunistic, Europol has found, while warning enterprises of the threat posed by new and emerging forms of cyber attack.
Ransomware is now a standard attack tool for cyber criminals, but there has been a shift from random attacks to targeting specific companies or people, The internet organised crime threat assessment 2018 report by Europol warns.
While there was not a large volume of reports last year, mobile malware is expected to grow as users shift from online to mobile banking – a threat to both private and public organisations.
European states must also be aware of emerging threats, such as cryptomining and payment card fraud. The targeting of financial instruments is not a new phenomenon, but criminals are now attacking businesses and users of cryptocurrencies.
Another emerging threat flagged in the report is the popularisation of “true” cryptomining malware, which uses the processing power of infected machines to mine cryptocurrencies without the owner realising.
The findings anticipate a more pronounced shift towards privacy-oriented currencies, with an increase in extortion demands and ransomware within cryptocurrencies.
Europol executive director Catherine De Bolle said the report highlights why law enforcers must be up to date with emerging technologies.
“Cyber crime cases are increasingly complex and sophisticated,” she said. “Law enforcement requires additional training and investigative and forensic resources in order to adequately deal with these challenges.
Skimming bank cards, where data is illegally collected from the magnetic strip, remains a common problem throughout Europe, but card-not-present fraud continues to be a dominant threat.
The continued decrease in card skimming is a result of geoblocking measures as data is often sold overseas via the dark web, where Europay, MasterCard and Visa (EMV) have implemented either slow or non-existent service.
Rusty Carter, vice-president of product management at Arxan Technologies, a company specialising in application attack prevention and self-protection for internet of things (IoT), mobile and other applications, said: “There is no technological reason why traditional skimmers should still be effective.
“The industry and institutions should be looking ahead to move beyond traditional cards and even chip and PIN, to more advanced MFA [multi-factor authentication] before authorising payments and withdrawals.
“CNP fraud further highlights the need for MFA in transactions. Institutions and issuers will need to build the infrastructure to enable PoS [point of sale] and online merchants, and start requiring it at least initially for high-value transactions.
“These are well-known security techniques in other industries and enterprise information security, where additional authentication factors and environmental conditions need to be present, such as a secured app for token retrieval by the user, in order to escalate privileges.”
According to Europol, the most effective defence against cyber crime is the education of potential victims. Law enforcement organisations should raise awareness of threats and trends while supporting prevention, it said.
This includes working with cryptocurrency-related businesses such as exchangers, mining pools or wallet operators. Cyber crime investigators should receive specialist training for investigating cryptocurrencies.
De Bolle said: “Europol will continue its efforts to enhance cooperation with international law enforcement and government agencies, tech companies, academia and other relevant stakeholders. Only if we do this can cyber crime be combated effectively.”
Sir Julian King, European commissioner for the security union, said: “As the report shows, Europe is still faced with a range of security threats from terrorism and cyber.
“We will continue to take decisive action to tackle these threats through our proposals on terrorist content online, electronic evidence and on election security, and through our cyber security strategy.
“As this report highlights, to tackle these threats, we need to foster trust, information-sharing and cooperation between all stakeholders.”
The sexual exploitation of children continues to be the most disturbing aspect of cyber crime, with the report outlining how technology is facilitating this crime.
Access to internet-connected devices and social media, which often benefits from end-to-end encryption, means children are targeted more easily and exposed to vulnerabilities.
Self-generated images that are shared voluntarily may fall into the hands of sexual offenders, or minors may be exploited, the report warns.
Europol, which is now making sexual exploitation a cyber crime priority, believes the web has enabled offenders to interact with each other online and obtain indecent material of children in volumes that were unimaginable 10 years ago.
Responding to the findings, Dimitris Avramopoulos, European commissioner for migration, home affairs and citizenship, said the EU is especially committed to tackling cyber crime involving the sexual exploitation of children and terrorism.
“Cyber criminals continue to threaten and attack our citizens online, endangering both their virtual and physical integrity, especially the most vulnerable ones,” he said.
“Together with Europol, the EU is committed to step up its fight against all areas of cyber crime and especially the sexual exploitation of children as well as terrorist content online, both legally and operationally.”