For a fifth year now, Europol has developed the IOCTA (Internet Organized Crime Threat Assessment). The primary objective of the assessment is the provision of a comprehensive type of overview of the current and anticipated threats in the future, as well as, trends in the crimes being carried out or even conducted online.
As the current events demonstrate the ways in which cybercrime keeps on evolving, the IOCTA this year portrays how the law enforcement has had to fight both persistent and innovative cybercrime.
Most of the parts of the report build on previous editions that emphasize the longevity of the numerous cybercrime facets. It is also a testimony towards an established business model of cybercrime where there isn’t a need to alter the operation model.
The report highlights the numerous challenges which are associated with the particular fight that is against cybercrime both from the perspectives of law enforcement and the private sector.
Cyber –Dependent Crime
It refers to the crime(s) which can be performed only through the use of computers, networks or any other type of information communication. It may include activities such as the spread of malware, hacking for the purposes of stealing personal and sensitive industrial data and also denial service attacks which cause reputational or financial damage.
There were unprecedented global scale attacks that affected around 300,000 victims globally in more than 150 countries, with just the Wannacry attack, costing the world nearly $4 billion. The attacks were notable for different reasons. One of them is that the origins had been suspected to have been acts of APT (Advanced Persistent Threat) groups which were associated with state nations and they were criminals who were not financially motivated.
Sexual Exploitation of Children Online
CSE (Child Sexual Exploitation) online continues to be a disturbing cybercrime aspect. While sexual abuse of children existed before the internet was introduced, the online dimension has allowed offenders to have interactions with each other, as well as, obtain the material for child exploitation in large volumes which were not anticipated in the last 10 years.
There is an increased number of children that have access to the internet which has enabled offenders to reach out to kids who cannot stay in an offline environment.
Criminals are still using DDoS (Distributed Denial of Service) attacks as a significant tool that is aimed against the public sector and the private business. Such attacks are utilized for financial, political, ideological or malicious reasons. These type of attacks are frequent, and are becoming more accessible.
Skimming is a common problem in most of the member states in the European Union. However, it continues to decrease in recent years due to geo-blocking measures. The skimmed card data is sold often through the Darknet and also cashed in areas where the Europay, Visa and Mastercard implementation is either non-existent or slow.
Toll fraud has been receiving some attention in the current year with different criminal groups utilizing counterfeit fuel as well as debit/credit cards to avoid paying for toll fees. Most of the member states have also reported a significant increase in the creation of fake types of companies to abuse and access Points of Sale and profit from information that has been compromised.
Previous reports have indicated that criminals are continuously abusing cryptocurrencies so as to fund the various criminal activities. In a trend reflecting attacks carried out on the banks as well as their consumers, cryptocurrency users, as well as facilitators, have been victims of cybercrime. Hacking attempts are being conducted on currency users and exchangers.
Social Engineering used in Cybercrimes
There is a continuous growth of dependence on social engineering for cybercrime. Phishing through emails and vishing through telephones continue to be used by criminals to achieve different goals in hijacking accounts, obtaining personal information, and stealing identities among other crimes.
Crypto-jacking is a new trend in cybercrime which refers to the exploitation of the user’s processing power and bandwidth to mine cryptocurrencies. It creates more revenue streams which motivate the attackers to hack the legitimate websites and exploit the systems of the visitors. Crypto mining also works to a similar effect but could cripple the system of the victims by monopolizing their specific processing power.