[BreachExchange] Financial Sector Under Increasing Cybercrime Threat

[Audrey McNeil]

https://www.databreachtoday.com/financial-sector-under-
increasing-cybercrime-threat-a-10444

The financial sector is under increasing threat from cybercrime syndicates,
warns Rob Wainwright, director of Europol, the EU's law enforcement
intelligence agency.

"What really concerns me is the sophistication of the capability, which is
becoming good enough to really threaten parts of our critical
infrastructure, certainly in the financial, banking sector," Wainwright
told Reuters on Wednesday on the sidelines of the Web Summit technology
conference in Lisbon, Portugal.

At the same time, he said, attackers may be located remotely - based "in
their bedrooms" - making it difficult to locate, identify, arrest or
extradite them. He added that a majority of the cybercriminals "we are
working against are Russian speaking, not just Russian."

Wainwright's critical infrastructure cybersecurity risk analysis does not
represent the first time Europol has issued such a warning. The 2017
Internet Organized Crime Threat Assessment from Europol, released in
September, warned that in addition to "worst-case scenarios, such as
attacks on systems in power plants and heavy industry," critical
infrastructure sector firms might also be felled by more mundane attacks.

"It is clear that a greater variety of critical infrastructures are more
vulnerable to 'everyday' cyberattacks, highlight the need for a coordinated
EU law enforcement and cross-sector response to major cyberattacks on
critical infrastructure," the assessment says.

Ransomware Attacks Spike

Ransomware also remains a major concern. Wainwright said law enforcement
agencies and the private sector are collectively seeing 4,000 ransomware
attacks per day against consumers and businesses and that such attacks will
continue to increase.

"The real threat comes from a sort of exponential, remorseless increase in
the scale and significance of cybercriminal capability," Wainwright told
Reuters.

"There is this sort of cybercriminal underworld that's a lot bigger and
smarter and adept than most people think," he said. "And, against it, we
still have generally low cybersecurity standards."

Europol has continued to highlight the ransomware threat facing individuals
and organizations. "Ransomware attacks have eclipsed most other global
cybercrime threats, with the first half of 2017 witnessing ransomware
attacks on a scale previously unseen following the emergence of
self-propagating 'ransomworms,' as observed in the WannaCry and
Petya/NotPetya cases," according to the 2017 IOCTA report (see Maersk
Previews NotPetya Impact: Up to $300 Million).

Unlike banking Trojans, furthermore, ransomware attacks are being unleashed
against a much broader pool of victims. "Ransomware has widened the range
of potential malware victims, impacting victims indiscriminately across
multiple industries in both the private and public sectors, and
highlighting how connectivity and poor digital hygiene and security
practices can allow such a threat to quickly spread and expand the attack
vector," according to the IOCTA report.

But cybercriminals don't limit themselves to unleashing ransomware. "For
genuine financially motivated attacks, extortion remains a common tactic,
with ransomware and distributed denial-of-service (DDoS) attacks remaining
priorities for EU law enforcement," the 2017 ICOTA report notes.

Disrupting the Cybercrime Economy


Earlier this year, the FBI, Europol and law enforcement partners announced
the seizure of both the AlphaBay and Hansa darknet marketplaces. Modeled on
legitimate e-commerce forums, the marketplaces included such categories as
fraud; drugs and chemicals; counterfeit items; weapons; software and
malware; as well as sections for buying and selling stolen payment card
data and personally identifiable information.Europol has helped law
enforcement agencies notch some notable arrests aimed at disrupting not
only cybercriminals, but also the broader cybercrime-as-a-service ecosystem
that supplies criminals with everything from malware and infected endpoints
to stolen payment card data and money laundering services.

Crypto Debate

Despite the rise in online crime and terror attacks continuing, Wainwright
said in a Web Summit panel discussion on Wednesday devoted to technology
and privacy that he remains opposed to prohibiting technology companies
from using strong encryption or forcing them to weaken their crypto by
installing backdoors.

"Within the common understanding of what backdoor encryption means, I
certainly do oppose it, because ... the logic breaks down, in that we would
be deliberately engineering a vulnerability in our systems, he said. "That
said, I do wish for a much closer relationship between law enforcement and
the tech sector in a way that's since broken down following Snowden."

data-lang="en-gb">

Speaking at @WebSummit on the privacy and security implications of new
technology @Europol pic.twitter.com/I6vHj6NoAh

— Rob Wainwright (@rwainwright67) 8 November 2017

Wainwright said that law enforcement must develop its own capabilities to
better investigate "online environments," but suggested that it's up to law
enforcement agencies to bring the required technical and investigative
expertise to bear (see FBI Still Trying to Unlock Texas Killer's
Smartphone).

"I do think that under the right kind of lawful supervision, law
enforcement authorities should have the power to decrypt certain devices
that are held by legitimate targets, and to do that they have to develop
their capability," he said.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20171109/27c0cd6e/attachment.html>