Key findings from the Internet Organized Crime Threat Assessment – IOCTA for 2021 from Europol covered interesting areas like cyber-dependent crime, child sexual exploitation material, online fraud and dark web activities.
- Ransomware affiliate programs are using supply-chain attacks to compromise the networks of large corporations and public institutions and utilise new multi-layered extortion methods
- Mobile malware has become a scalable business model by introducing overlay attacks, two-factor authentication disruption and SMS spamming capabilities.
- DDoS for ransom seems to be making a return as criminals use the names of well-known advanced persistent threat (APT) groups to scare their targets into complying with ransom demands.
Child Sexual Exploitation Material
- There has been a steep increase in online grooming activities on social media and online gaming platforms.
- The production of self-generated material is a key threat. This material is displaying increasingly younger children.
- Overall activity related to child sexual abuse material (CSAM) distribution on P2P networks has increased considerably
- The Dark Web remains an important platform for the exchange of CSAM.
- COVID-19 continues to have a significant impact on the European fraud landscape in the second year of the pandemic.
- Phishing and social engineering remain the main vectors for payment fraud, increasing in both volume and sophistication.
- Investment fraud is thriving as citizens incur devastating losses, but business email compromise (BEC) and CEO fraud also remain key threats.
- Card-not-present fraud appears under control as COVID-19 restrictions curb travel-based types of fraud.
- Dark Web users are increasingly using Wickr and Telegram as communication channels or to bypass market fees.
- Dark Web users are increasingly adopting anonymous cryptocurrencies, such as Monero, and swapping services.
- Users rely on increasingly sophisticated operational security, migrating quickly to other (useless) markets or markets enforcing manual PGP after takedowns
- Grey infrastructure is increasingly helping Dark Web users thrive.
Many of the threats in the cybercrime landscape are exacerbated by the growing crime-as-a-service market on the Dark Web. Malware-as-a-service offerings and the auctioning of people’s stolen data enable the planning of future attacks. Criminals also, continue improving their operational security by abusing end-to-end encrypted communication services and cryptocurrencies.
To combat the aforementioned advancing threats, law enforcement officers need to be able to have timely access to data and to conduct lawful undercover work to keep society safe. Companies, especially those operating outside the European Union, have to improve their Know Your Customer (KYC) and information disclosure practices. Law enforcement agencies need more training and tools to have officers capable of uncovering and disrupting criminal activity in the digital realm.
Finally, it is vital to continue improving our collective information technology (IT) literacy and awareness as cybercrime has become entrenched in our society.
Europol (2021), Internet Organised Crime Threat Assessment (IOCTA) 2021, Publications Office of the European Union, Luxembourg.