A MAJOR new Europol report has warned of eight principal cyber threats that plague citizens and businesses across the region.
The 2016 Internet Organised Crime Threat Assessment report (PDF) set out the eight threats and said that criminals’ desire to use these tactics is only getting stronger.
In no particular order the threats are ransomware, crime-as-a-service, data theft and misuse, payment fraud, online sexual exploitation, abuse of the Dark Net, phishing and the use of virtual currencies for illegal purchases.
The use of the Dark Net was highlighted by Europol as a particularly strong area of growth in the cyber crime arena.
“The Dark Net continues to enable criminals involved in a range of illicit activities, such as the exchange of child sexual exploitation material,” the report said.
“The extent to which extremist groups currently use cyber techniques to conduct attacks are limited, but the availability of cyber crime tools and services, and illicit commodities such as firearms, on the Dark Net provides opportunity for this to change.”
Phishing attacks against CEOs are also on the rise, while the report highlighted an increase in high-level attacks against critical infrastructure environments.
“In 2015, law enforcement across Europe reported a number of attacks on critical infrastructures which often included unsophisticated methods such as SQL injections and cross-site scripting but also APT-type attacks,” the report said.
Despite the worrying picture, Europol said that improvements have been made by law enforcement agencies and the private sector in teaming up to tackle the threats.
“Locally and internationally, law enforcement agencies are finding new ways to efficiently collaborate on investigations involving the internet across borders and jurisdictions,” the report said.
“There has also been significant change in the engagement with the private sector to share information and collaborate with private industry organisations.”
The report cited Europol’s private sector Advisory Groups in Finance and Technology as an example of this improved collaboration.
“Law enforcement has gained a better understanding of private sector industries. They know what questions to ask, what data to request, and who to approach to best support investigations,” the report said.
“They have a better understanding of technical capabilities available in the private sector, and how those capabilities can be leveraged to fight crime.”
Europol added that more people being arrested for cyber crime-related offences helps to shift public perceptions of cyber crooks as being untraceable.
“Publicity surrounding arrested cyber criminals has a strong deterrent effect. People participating in cyber criminal activities perceive a higher risk,” it said.
“Public awareness of successful arrests helps to reduce the number of criminals willing to take this risk. Compare this to a decade ago, when the risk of getting caught for internet-based crime was perceived as low.”
Europol director Rob Wainwright explained that the report highlighted how commonplace cyber crime has become, but that work to counter it is having an effect.
“The relentless growth of cyber crime remains a real and significant threat to our collective security in Europe,” he said.
“Europol is concerned about how an expanding cyber criminal community has been able to further exploit our increasing dependence on technology and the internet.”