From the end of 2016 and much of 2017, a series of worldwide cybernetic crimes took places which were unprecedented because of their impact and extension. They are the cause of much public concern even though they only represent a small sample of the wide range of cybernetic threat which presently exists.
Internet Organised Crime Threat Assessment (IOCTA) of Europol, identifies the main cybercriminal threats and provides key recommendations to address such challenges.
Assessment of the threat of organised crime via Internet in 2017 presents an in-depth study of key events, changes and emerging threats related to cybercrime last year. It is based on the contributions of member states of the EU, of Europol expert personnel and members from private industry, the financial and academic sectors. The report emphasises the most important events in different areas of cybercrime:
- Ransomware(malicious software programming)has overshadowed most other cyber-threats with global campaigns which indiscriminately affect victims in multiple industrial and private sectors.
- The first serious botnet attacks (malicious programmes) took place using internetworking of infected physical devices (IoT).
- Filtering of data continues to lead to the spreading of large amounts of information, with over 2,000 million recorded relating to citizens of the EU which came to light during the twelve-month period.
- The dark web continues to be a key transversal facilitator for different fields of crime. It provides access, among other things, to drugs and other psychoactive substances; the provision of firearms which have been used in terrorist attacks; payment details to be able to commit different types of fraud; and fake documents to facilitate fraud, people trafficking and illegal immigration.
- Criminals continue to use the dark web and other related platforms to share and distribute material involving sexual abuse of children and participate with potential victims, often trying to coerce or sexually extort vulnerable minors.
- Payment fraud affects almost all industries, which has a major impact on the retail, aeronautic and accommodation sectors.
- Direct attacks on banking networks to manipulate credit card balances, take control of cash dispensers or directly transfer funds, known as commitments of the payment process, constitute one of the greatest emerging threats in this area.
In spite of the growing threats and challenges, there were some important successful operations last year, like the dismantling of two of the big markets of Darknet, AlphaBay and Hansa, the neutralising of the Avalanche network and Airlineactiondays.
The IOCTA wishes to formulate recommendations for the application of the law and plan in consequence by responding effectively and consensually to cybernetic crime.
- The application of the law must continue to focus on actors who develop and provide the tools and cybercriminal attack services responsible for ransomware, banking trojans and other malicious programmes and suppliers of DDOS attack tools, antiretroviral services and botnets.
- The international community must continue to foment trusting relationships with public and private members, CERT communities, etc, so that it is prepared to provide a rapid and coordinated response if there is a global cybernetic attack.
- The member states of the EU should continue to give support to and deepen its commitment to Europol in the development of pan European campaigns of prevention and awareness-raising.
- While investigating online child sex abuse, the member states of the EU must guarantee sufficient resources for the fight against crime.
- The growing threat posed by cybernetic crime requires a legislative commitment which allows for the presence and application of the law to an online environment. The lack of such legislation is leading to a loss of investigative leadership.
All the details are available on 2017 Internet OrganisedCrimeThreatAssessment (IOCTA): IOCTA 2017 website | IOCTA 2017 PDF version
The IOCTA was presented during the annual session of the CibercrimEuropol-INTERPOL conference, held in The Hague on 27-29 September 2017.
You can consult entries on the previous IOCTA blog at:
IOCTA 2015 https://notesdeseguretat.blog.gencat.cat/2016/05/23/organised-crime-on-the-internet/
https://notesdeseguretat.blog.gencat.cat/2017/05/03/how-can-we-prevent-a-ransomware-attack/
Aquest apunt en català / Esta entrada en español / Post en français