Europol has released the 2016 edition of its yearly Internet Organised Crime Threat Assessment (IOCTA) report, which has identified an expanding cyber-criminal economy.
Europol's 2016 Internet Organised Crime Threat Assessment (IOCTA) is produced by the European Cybercrime Centre (EC3) at Europol. It informs decision-makers at strategic, policy and tactical levels in the fight against cyber-crime, and focuses on three crime areas: cyber-attacks, child sexual exploitation online and payment fraud.
Europol said: “The volume, scope and material cost of cyber-crime all remain on an upward trend and have reached very high levels.”
In a year laden with terrorist attacks throughout Europe, Europol highlights how cyber-criminals are now offering their services to militant groups, which would give the groups the means to attack Europe digitally, but such groups have yet to utilise said services.
Europol said: "There is currently little evidence to suggest that their cyber-attack capability extends beyond common website defacement."
However, the pan-European law enforcement agency says that the internet's dark web does pose a threat as it can be used by militants looking to take hire hackers who carry out phishing attacks or DDoS attacks if paid a significant fee.
Europol added: "The availability of cyber-crime tools and services, and illicit commodities (including firearms) on the Darknet, provide ample opportunities for this situation to change."
The report goes on to highlight various other trends, it says ransomware and banking Trojans remain the top malware threats, a trend unlikely to change for the foreseeable future.
Likewise data remains a key commodity for cyber-criminals. It is procured for immediate financial gain in many cases but, increasingly, also acquired to commit more complex fraud, encrypted for ransom, or used directly for extortion.
EMV (chip and PIN), geo-blocking and other industry measures continue to erode card-present fraud within the EU, but logical and malware attacks directly against ATMs continue to evolve and proliferate. Organised crime groups are starting to manipulate or compromise payments involving contactless (NFC) cards.
An increase of phishing aimed at high value targets has been registered by enforcement private sector authorities. CEO fraud, a refined variant of spear-phishing, has become a key threat.
Bitcoin remains the currency of choice for the payment for criminal products and services in the digital underground economy and the Darknet. Bitcoin has also become the standard payment solution for extortion payments.
Attacks on bank cash-machine networks were also increasing, the report found, as were frauds exploiting new contactless payment card transactions, while traditional scams involving the physical presence of a card had been successfully reduced.
Europol's director Rob Wainwright said: “The relentless growth of cyber-crime remains a real and significant threat to our collective security in Europe. Europol is concerned about how an expanding cyber-criminal community has been able to further exploit our increasing dependence on technology and the internet. We have also seen a marked shift in cyber-facilitated activities relating to trafficking in human beings, terrorism and other threats. In response law enforcement authorities have increased their skill-sets and their capability to work together in platforms such as the European Cybercrime Centre at Europol, but the growing misuse of legitimate anonymity and encryption services for illegal purposes remain a serious impediment to the detection, investigation and prosecution of criminals.”
The head of the European Cybercrime Centre, Steven Wilson said: “2016 has seen the further evolution of established cyber-crime trends. The threat from ransomware has continued to grow and has now expanded into sectors such as healthcare. Europol has also seen the development of malware targeting the ATM network, impacting cash services worldwide. Online child sexual abuse continues to be a very high priority for all countries, with international cooperation established as a significant part of the strategy to protect children and identify victims. However there are many positives to be taken from this year's report. Partnerships between industry and law enforcement have improved significantly, leading to the disruption or arrest of many major cyber-criminal syndicates and high-profile individuals associated with child abuse, cyber-intrusions and payment card fraud, and to innovative new prevention programmes such as the no more ransom campaign.”
The report comes as cyber-specialists from law enforcement, the private sector and academia are to gather in Singapore this week (28 - 30 September) to address the challenges of identifying those responsible for crimes committed in cyber-space.
Under the theme of ‘Solutions for Attribution', some 200 delegates from 56 countries are sharing best practices and identifying ways to overcome technical, operational and strategic hurdles faced by law enforcement when investigating cyber-crime and cyber-enabled crimes ranging from financial crime, terror-related activities and child sexual abuse.
Topics such as ransomware and bulletproof hosting will also top the conference agenda.
In his opening remarks, Noboru Nakatani, executive director of the INTERPOL Global Complex for Innovation (IGCI), highlighted the importance of a collaborative approach across sectors to tackle complex cyber-crime investigations.
"A safer cyber-space can only be achieved by closing the information gap between law enforcement agencies, and likewise between the public and private sectors," said Mr Nakatani."By sharing information, we can close in on the criminal networks, and essentially lock them in. This will enable law enforcement agencies, who are the only agencies with the mandate to act on the ground, to identify and dismantle transnational criminal organisations," added the IGCI's executive director.