[BreachExchange] 2017, The Year When Cybercrime Hit Close To Home

[Audrey McNeil]

https://www.europol.europa.eu/newsroom/news/2017-year-when-
cybercrime-hit-close-to-home

The past 12 months have seen a number of unprecedented cyber-attacks in
terms of their global scale, impact and rate of spread. Already causing
widespread public concern, these attacks only represent a small sample of
the wide array of cyber threats we now face. Europol’s 2017 Internet
Organised Crime Threat Assessment (IOCTA) identifies the main cybercrime
threats and provides key recommendations to address the challenges.

Europol’s Executive Director Rob Wainwright: "The global impact of huge
cyber security events such as the WannaCry ransomware epidemic has taken
the threat from cybercrime to another level. Banks and other major
businesses are now targeted on a scale not seen before and, while Europol
and its partners in policing and Industry have enjoyed success in
disrupting major criminal syndicates operating online, the collective
response is still not good enough. In particular people and companies
everywhere must do more to better protect themselves."

The 2017 Internet Organised Crime Threat Assessment presents an in-depth
assessment of the key developments, changes and emerging threats in
cybercrime over the last year. It relies on contributions from the EU
Member States, expert Europol staff and partners in private industry, the
financial sector and academia. The report highlights important developments
in several areas of cybercrime:

Ransomware has eclipsed most other cyber-threats with global campaigns
indiscriminately affecting victims across multiple industries in both the
public and private sectors. Some attacks have targeted and affected
critical national infrastructures at levels that could endanger lives.
These attacks have highlighted how connectivity, poor digital hygiene
standards and security practices can allow such a threat to quickly spread
and expand the attack vector.
The first serious attacks by botnets using infected insecure Internet of
Things (IoT) devices occurred.
Data breaches continue to result in the disclosure of vast amounts of data,
with over 2 billion records related to EU citizens reportedly leaked over a
12 month period, often facilitated by poor digital hygiene and practices.
The Darknet remains a key cross-cutting enabler for a variety of crime
areas. It provides access to, amongst other things: the supply of drugs
such as Fentanyl and new psychoactive substances which internationally have
directly led to many fatalities; the supply of firearms that have been used
in terrorist acts; compromised payment data to commit various types of
payment fraud; and fraudulent documents to facilitate fraud, trafficking in
human beings and illegal immigration.
Offenders continue to abuse the Darknet and other online platforms to share
and distribute child sexual abuse material, and to engage with potential
victims, often seeking to coerce or sexually extort vulnerable minors.
Payment fraud affects almost all industries, having the greatest impact on
the retail, airline and accommodation sectors. Several sectors are targeted
by these fraudsters as the services they provide can be used for the
facilitation of other crimes, including trafficking in human beings or
drugs, and illegal immigration.
Direct attacks on bank networks to manipulate card balances, take control
of ATMs or directly transfer funds, known as payment process compromise,
represents one of the serious emerging threats in this area.

Julian King, EU Commissioner for the security union, said: “This report
shows online crime is the new frontier of law enforcement. We’ve all seen
the impact of events like WannaCry: whether attacks are carried out for
financial or political reasons, we need to improve our resilience and
ensure cybercrime does not pay - last week the EU set out a package of
concrete cybersecurity measures.”

Dimitris Avramopoulos, EU Commissioner for Migration, Home Affairs and
Citizenship, added: "Cross-border Cyber threats today threaten not only our
citizens and our economies, but also our democracies themselves. Cybercrime
has become increasingly instrumental in geopolitics and conflicts. With a
new EU cyber strategy, and a stronger role for European agencies, including
ENISA and Europol, we will be better equipped to increase cybersecurity
collectively, in Europe and beyond."

Despite the growing threats and challenges for law enforcement, last year
did see some tremendous operational successes, for example the takedown of
two of the largest Darknet markets, AlphaBay and Hansa, the dismantling of
the Avalanche network, and two successful Global Airport Action Days
targeting those travelling on fraudulently-purchased airline tickets.

The IOCTA seeks to make recommendations for law enforcement, policy makers
and regulators to allow them to act and plan accordingly, and respond to
cybercrime in an effective and concerted manner.

Law enforcement must continue to focus on the actors developing and
providing the cybercrime attack tools and services responsible for
ransomware, banking Trojans and other malware, and suppliers of DDOS attack
tools, counter-anti-virus services and botnets.
The international law enforcement community must continue to build trusted
relationships with public and private partners, CERT communities, etc, so
that it is adequately prepared to provide a fast and coordinated response
in case of a global cyber-attack.
Company employees and the general public need to be educated to recognise
and respond accordingly to changing criminal tactics like social
engineering and spam botnets. EU Member States should continue to support
and expand their engagement with Europol in the development of pan-European
prevention and awareness campaigns.
While investigating online child sexual exploitation, EU Member States
should ensure sufficient investigative tools and resources to fight this
crime. Joint high-quality and multilingual EU-wide prevention and awareness
activity needs to be maintained.
Law enforcement needs to develop a globally coordinated strategic overview
of the threat presented by the Darknet. Such analysis would allow for
future coordination of global action to destabilise and close down criminal
marketplaces. It is also essential that investigators responsible for all
crime areas represented on Darknet markets have the knowledge, expertise
and tools required to effectively investigate and act in this environment.
The growing threat of cybercrime requires dedicated legislation that
enables law enforcement presence and action in an online environment. The
lack of adapted legislation is leading to a loss of both investigative
leads and the ability to effectively prosecute online criminal activity.

All the details are available in the 2017 Internet Organised Crime Threat
Assessment (IOCTA): IOCTA 2017 website (https://www.europol.europa.
eu/iocta/2017/index.html) | IOCTA 2017 PDF version (
https://www.europol.europa.eu/activities-services/main-
reports/internet-organised-crime-threat-assessment-iocta-2017)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170928/f9ddd734/attachment.html>