This October, Europol published its 2020 cybercrime report, with updates on the latest trends and the current impact of cybercrime within the EU and beyond.
The global COVID-19 pandemic that hit every corner of the world forced us to reimagine our societies and reinvent the way we work and live. During the lockdown, we turned to the internet for a sense of normality: shopping, working and learning online at a scale never seen before. And cybercriminals took advantage of it to commit many different types of crimes.
Phishing remains an effective threat. Criminals use innovative methods to increase the volume and sophistication of their attacks. Criminals quickly exploited the pandemic to attack vulnerable people; phishing, online scams and the spread of fake news became an ideal strategy for cybercriminals seeking to sell items they claim will prevent or cure COVID-19.
Encryption continues to be a clear feature of an increasing number of services and tools. One of the main challenges for law enforcement is how to access and gather relevant data for criminal investigations.
Ransomware attacks have become more sophisticated, targeting specific organisations in the public and private sector through victim reconnaissance. While the COVID-19 pandemic has triggered an increase in cybercrime, ransomware attacks were targeting the healthcare industry long before the crisis. Moreover, criminals have included another layer to their ransomware attacks by threatening to auction off the comprised data, increasing the pressure on the victims to pay the ransom.
The main threats related to online child abuse exploitation have remained stable in recent years; however, the detection of online child sexual abuse material saw a sharp spike at the peak of the COVID-19 crisis. Offenders keep using a number of ways to hide this horrifying crime, such as P2P networks and encrypted communications applications.
Livestreaming of child abuse continues to increase, becoming even more popular than usual during the COVID-19 crisis when travel restrictions prevented offenders from physically abusing children. In some cases, video chat applications in payment systems are used, which becomes one of the key challenges for law enforcement as this material is not recorded.
SIM swapping, which allows perpetrators to take over accounts, is one of the new trends this year. Criminals fraudulently swap or port victims’ SIMs to one in the criminals’ possession in order to intercept the one-time password step of the authentication process.
In 2019 and early 2020, there was a high level of volatility on the dark web. The lifecycle of dark web marketplaces has shortened, and there is no clear dominant market that has risen over the past year. Tor remains the preferred infrastructure; however, criminals have started to use other privacy-focused, decentralised marketplace platforms to sell their illegal goods. Although this is not a new phenomenon, these sorts of platforms have started to increase over the last year.