Organised crime groups fuel a rise in violent crime in the EU

A new report by Europol warns that organised crime groups are increasingly employing violence in pursuit of their criminal objectives, and such violence represents a threat to public security in the EU.

Based on an analysis of contributions made by Member States to Europol in recent years, there has been a rise in the number of violent incidents associated with organised crime. Furthermore, the analysis points to an increasing willingness from criminal groups to resort to lethal violence.

In this report, Europol highlights the factors underpinning this trend and the challenges it poses to law enforcement and develops a set of recommendations.

The involvement in criminal gangs of younger and inexperienced hit men and the accessibility of firearms and explosives, together with violent incidents often perpetrated in crowded public places and broad daylight are considerable threats to public security.

Criminal groups are exploiting large EU ports as transit points, and the streets of the surrounding cities are particularly vulnerable to violence. International organised crime groups have established footholds in and around these ports, where the corruption and intimidation of workers critical to the unloading and storage of illicit commodities, and the competition for distribution are taking place.

The rise in violence in illicit markets can be linked to growing competition among criminal networks. Most drug-related fatal and serious incidences of violence have been reported in the cocaine and cannabis markets, which have recently attracted new players.

The report also points to an increased use of serious violence by organised crime groups to carry out their criminal activities. These violent crimes do not exclusively affect criminals; they target non-criminals including victims of human trafficking, violent robberies, law enforcement officers, lawyers, witnesses and informants, investigative journalists, or uncooperative dock workers.

On the basis of its analysis, Europol has drawn up a set of recommendations to support law enforcement authorities in countering organised crime:

• Proactively anticipate trends and shifts in criminal markets and network structures.

• Adopt a comprehensive step-by-step approach that includes detection and deterrence (including attacking criminal finances at an earlier stage).

• Focus on the processes and resources by which crimes are committed in order to identify points for intervention.

• Continue to promote cooperation at regional and international levels.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Nayib Bukele regards the 1992 Peace Accords in El Salvador as a farce

The President of El Salvador, Nayib Bukele, cancelled the commemoration of the Chapultepec Peace Accords successfully led by the UN in 1992, which put an end to a 12-year civil war that left more than 75,000 dead in the Central American country.

Human rights organisations, victims of the war, opposition groups, intellectuals and ex-guerrillas have taken a stand against the Salvadoran president’s recent remarks about the Peace Accords signed 29 years ago.

Outrage erupted in El Salvador on the 16th of January this year when, for the second year in a row, the president refused to commemorate the signing of the Peace Accords. Moreover, he declared the Peace Accords a farce, a work of the elites and a pact between the corrupt. For Bukele, the signing of the peace agreements did not represent any improvement for the population in their most basic rights but rather translated to a new a phase of increased corruption, social exclusion and fraudulent enrichment of the signatory sectors – referring to members of the government at the time and the Farabundo Marty National Liberation Front (FMLN).

Following his statement, a group of social organisations and victims of the armed confrontation called on Bukele to respect the accords and maintain the government’s commitment to human rights, while a hundred Salvadoran and foreign academics published a letter rejecting the president’s statements and demanding respect for the truth and historical memory.

Bukele had already created a political storm in El Salvador by preventing the unblocking of military files related to the El Mozote Massacre in direct contravention of a court order to inspect the files as part of the judicial process intended to shed light on the massacre that took place there.

Former guerilla members of the People’s Revolutionary Army (ERP), one of the groups close to the FMLN, have also criticised Bukele. Very few families in this country escaped without being injured, directly involved or in some way touched by the drawn-out confrontation. By making these denialist statements, the president is again creating division in the country, when the Peace Accords are the achievement of the entire Salvadoran society, not just the political parties.

But Bukele’s attempts to erase others have worked for his political career in the past, and he has stated he intends to win at the legislative and municipal elections in February. That is his goal, as it was the goal of all the politicians that preceded him. Politicians who no longer applaud him but are a burden to him, and his strategy is to erase them at the ballot box and from the memory of all Salvadorans.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Council calls for strengthening resilience and countering hybrid threats

The Council has adopted a series of conclusions which call for further enhanced responses at EU level to counter hybrid threats, including disinformation, and strengthening resilience. The Council notes that new technologies and crises, such as the ongoing COVID-19 pandemic, offer opportunities for hostile actors to expand their interference activities. These pose an additional challenge for the member states and the EU institutions, beyond the crisis itself.

The Council acknowledges that the COVID-19 pandemic makes the EU and its member states more vulnerable to hybrid threats. Such threats include the increased spread of disinformation and manipulative interference. Addressing these threats, particularly malicious cyber activities, disinformation and threats to economic security, requires a comprehensive approach involving effective cooperation and coordination.

In this context, the Council acknowledges that the EU approach to addressing disinformation is multidisciplinary and involves multiple stakeholders. The Council invites the Commission and the High Representative to further enhance responses at EU level, taking into account the economic and societal damage, as well as the possible damage to public health, caused by disinformation and the malign use of newly emerging technologies, including artificial intelligence.

The Council also urges continued efforts to strengthen the Task Forces and develop the Rapid Alert System with a view to developing a comprehensive platform for member states and EU institutions.

It also invites the Commission to develop and eventually implement additional transparency requirements for online platforms. The aim of such requirements would be to promote a digital public sphere, develop greater accountability and enhance transparency in addressing disinformation.

The Council notes that diplomatic engagement and measures are an effective European tool. This is in addition to enhancing resilience, which remains one of the most important tasks and is at the heart of European efforts to counter hybrid threats.

Lastly, the Council invites the Commission and the High Representative to play an active role in addressing pan-European vulnerabilities. This should include ensuring the security and resilience of supply chains to guarantee economic security, and proposing initiatives designed to strengthen resilience and improve responses as appropriate with due consideration of emerging technologies.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Artificial intelligence threats

According to a new report from Europol published in November, criminals leverage artificial intelligence for malicious use. The document draws attention to the potential benefits of the technology, such as greater efficiency, automation and autonomy, but also warns of the growing risks that come with it. Cybercriminals have always been early adopters of the latest technology, and AI is no different.

The jointly developed new report from Europol, the United Nations Interregional Crime and Justice Research Institute (UNICRI) and Trend Micro, looks into current and predicted criminal uses of artificial intelligence (AI). The document provides law enforcers, policymakers and other organisations with information on existing and potential attacks leveraging AI and recommendations on how to mitigate these risks.

The report concludes that cybercriminals will leverage AI as an attack surface. Deepfakes are currently the best-known use of AI as an attack vector. However, the report warns that new screening technology will be needed in the future to mitigate the risk of disinformation campaigns and extortion, as well as threats that target AI data sets.

For example, AI could be used to support:

• Convincing social engineering attacks at scale.

• Document-scraping malware to make attacks more efficient.

• Evasion of image recognition and voice biometrics.

• Ransomware attacks, through intelligent targeting and evasion.

• Data pollution, by identifying blind spots in detection rules.

The paper also warns that AI systems are being developed to enhance the effectiveness of malware and to disrupt anti-malware and facial recognition systems.

To conclude the report, the three organisations make several recommendations:

• Harness the potential of AI technology as a crime-fighting tool to protect the cybersecurity industry and facilitate its policing.

• Continue research to stimulate the development of defensive technology.

• Promote and develop secure AI design frameworks.

• Leverage public-private partnerships and establish multidisciplinary expert groups.

_____

Aquest apunt en català / Esta entrada en español / Post en français

The effects of the coronavirus on organised crime in Latin America

354.- imagesThe coronavirus pandemic has forced criminal organisations in Latin America to make various internal changes. These adjustments stem from a desire to maintain their illicit operations despite the inconveniences: the trafficking of drugs and contraband, extortion and controlling the passage of migrants across borders. Their activities have been complicated by increased police checks and a lack of human activity.

As a result, organised crime gangs are having to move into previously unexplored territories, such as cybercrime or stealing medical supplies, for example. Some of the diverse dynamics being adopted by organised crime groups in Latin America are outlined below:

More social capital for criminals. Gangs such as MS13 and Barrio18 in El Salvador or the Jalisco cartel in Mexico, have created a situation whereby the criminals have supplanted the role of the State. The lockdown has afforded them a chance to consolidate control, win-over citizens and cultivate support.

The emergence of a new black market for medical equipment and medicines. Several countries on the continent already suffered from an active black market in medicines, and the pandemic has brought about an increase in thefts of medical supplies such as masks, hand sanitisers and even coronavirus detection kits.

The pandemic has exposed a severe lack of supply chain control in the medical field, which allows for products to be easily stolen.

More corruption. Healthcare systems have long been a target for corruption. Corrupt civil servants are taking advantage of the pandemic and using it as an opportunity to line their pockets.

More cybercrime. Criminals and hackers are taking advantage of increased online activity from citizens, businesses and government bodies. Brazil, Mexico and Colombia are the top three countries in Latin America for malware attacks.

In addition, organised crime groups are increasingly laundering money through cryptocurrency.

Less human trafficking. The tightening of border controls in response to the pandemic’s arrival in Latin America has forced organised crime gangs to scale back their activity in this field. Furthermore, the prices charged by the people smugglers, known as “coyotes”, have increased as crossing the various borders has become more difficult. They’re unlikely to lower these charges in the short-term.

Less illicit drugs, higher Prices. Drugs gangs have had to contend with transportation restrictions and increased patrols to enforce quarantines. As many borders have been closed, and police are monitoring vehicles, traffickers are finding it harder to move their product.

The impact has even been felt in US cities, where drug prices have spiked.

Inicio

_____

Aquest apunt en català / Esta entrada en español / Post en français

COVID-19 causes a surge in firearms sales in the USA

353.- baixaThe arrival of the coronavirus pandemic in the United Stated prompted increased sales of all types of arms, even leading to queues outside some shops.[1] Many of the buyers say they need to feel safe during the lockdown, which is forcing them to stay at home, sometimes alone. The demand for weapons has been largely non-specific. Customers want almost any type of weapon they can use to defend themselves; this in itself is unusual because, typically, people who buy arms have a specific kind of weapon in mind.

The first days of the pandemic in the US quickly led to cases of deaths by firearm involving suicides or issues related to the social distancing rules implemented to curb the coronavirus. In Detroit, for example, armed demonstrators protested against the stay-at-home order and the closure of gun shops.[2]

Faced with the need to decide which businesses could remain open, the vast majority of governors opted to categorise gun shops as suppliers of essential products, basic necessities, and as such, have been allowed to continue trading as usual.[3] Only five states categorised gun shops as non-essential businesses, forcing them to close as a result: New York, New Mexico, Washington, Massachusetts and Michigan. To comply with social distancing rules, federally-licensed vendors can even sell guns on the street or to customers in their cars. It is worth noting that in Virginia, while not forcing gun stores to close due to lockdown, they have recently passed a law limiting the sale and possession of firearms.[4]

The National Rifle Association, which has been in dire financial straits for some time due to costly internal battles, among other things, and laid off staff immediately before the pandemic arrived is actively fighting the governors who have forced gun shops to close. It has even gone as far as to sue, as a minimum, the governors of New Mexico and Massachusetts.

Research on the subject is unequivocal:

  • People are more likely to sustain injuries after threatening the attackers with a gun than if they call the police or run away.
  • Having a firearm in the home increases the chance that members of that household will be injured or killed.
  • Only one in every 40 firearm homicides are a legitimate act of self-defence.
  • The more firearms in circulation, the more accidental shootings and homicides.

As a result, it seems evident that the increased number of weapons in homes during the lockdown increases the chance of domestic conflicts becoming life-threatening situations. As journalist Melinda Wenner Moyer concludes in a recently published article: “The more guns we have, and the closer we keep them to us, the more danger we will be in during this pandemic”.[5] By contrast, in a country where public opinion considers the possession of a weapon a fundamental right, guaranteed by the second amendment of the Constitution, only a few governors have dared to face the uproar that can be caused by the closure of gun shops.

[1] https://www.thetrace.org/2020/04/the-coronavirus-has-gun-sales-soaring-his-fear-is-selling-to-the-wrong-person/

[2] https://www.thetrace.org/rounds/daily-bulletin-armed-protesters-stay-at-home-order-michigan/

[3] https://www.thetrace.org/2020/03/coronavirus-gun-store-closures-state-map/

[4] https://www.thetrace.org/2020/01/virginia-lawmakers-advance-historic-gun-reform-package-heres-what-it-means/

[5] https://www.thetrace.org/2020/04/gun-safety-research-coronavirus-gun-sales/

_____

Aquest apunt en català / Esta entrada en español / Post en français

New ransomware attacks target NAS storage devices

RANSOMWARE AL NASRansomware attacks targeting network-attached storage devices (NAS) have exponentially increased in recent months.

NAS systems, available for business purposes and home setup, are devices connected to a network to provide centralised storage capacity and backup data.

The number of ransomware strains targeting NAS and backup storage devices is growing, with users as yet still unprepared for the threat.

Ransomware has many different guises. The malware variant is popular with cybercriminals who use it to attack businesses, critical services – including hospitals and utilities – and individuals.

Once deployed on a system, the malware will usually encrypt files or full drives, issue its victim with a ransom note, and demand payment in return for a way to decrypt and restore access to the locked content.

There’s no guarantee that paying will result in decryption, but many will do so rather than lose their files; and when critical systems such as those at government bodies or healthcare providers are locked, there’s additional pressure to return to normal operations as quickly as possible.

The average consumer will often come across ransomware deployed through phishing campaigns and fraudulent messages or bundled within illegitimate or compromised software. However, researchers say that network-attached storage devices (NAS) are now also under direct threat from malware operators.

The devices may be accessed directly through a network or may have a web interface. The problem is that user authentication can sometimes be bypassed due to integrated software in NAS systems that have vulnerabilities.

To begin an attack chain, operators will first scan a range of IP addresses to locate internet-accessible NAS devices. Next, they will attempt to exploit its vulnerabilities and, if successful, deploy Trojans and begin encrypting the data of all the devices connected to the NAS unit.

Researchers cite WannaCry as the most popular type of ransomware used by cybercriminals, followed by Phny and Gandcrypt.

https://www.ooda.com/

_____

Aquest apunt en català / Esta entrada en español / Post en français

Online scams increase by 275% in the run-up to Christmas

FRAUD ALERTWith the end-of-year 2019 Black Friday and Cyber Monday sales behind us, the company Adobe Digital Insights analyses the, yet again, record-breaking numbers of online transactions. North American consumers alone spent 7.5 billion dollars online on Black Friday. The figures for Cyber Monday are even higher, accounting for nearly 30 billion dollars of consumer spending.

Yet, amidst all the Christmas-shopping enthusiasm, some of the deals seem too good to be true. An email promotion, for example, was offering 80% discounts on designer sunglasses. An offer like that can be hard to refuse, and purchase required just a simple click on the link. But it was all just a scam. The email address, the website, the links; they were all fake. And that’s just one of many. This type of fraud is now so commonplace that experts advise against clicking on any links promoted by emails altogether.

In a new report, published on the 26th of November 2019, investigators from leading cybersecurity firm Check Point warned of the growing risk of cybercrime during the Christmas period and concluded that changes must be made to the way we shop online.

According to their research, November 2018 saw a significant increase in phishing emails. A year later, the situation is notably worse. When Check Point compiled their report in mid-November 2019, even prior to the peak shopping dates of Black Friday and Cyber Monday, the amount of e-commerce related phishing websites had more than doubled, by up to 233%. A week after the Christmas holidays, that figure had increased to 275%. It should be pointed out that 2018 saw a tremendous increase in phishing emails during the Christmas period, but in 2019, there were almost three times as many.

The total 2019 Christmas shopping spending for the United States amounted to 144 billion dollars, a 14% increase on the 2018 figure. And this sizeable spend took place between the end of November and the Christmas holidays. Of this figure, some 30 billion dollars were spent on Cyber Monday. And this is why Cyber Monday presents an almost unmissable opportunity for cybercriminals.

Investigators warn of how easy it is to disguise scams in bogus emails, text messages and social media posts. In this context, adds Check Point, it’s incredibly easy to obtain credit card details or take payment through PayPal without ever sending the supposedly purchased goods. The first step is to lure consumers by creating a domain that plausibly impersonates a legitimate shopping site. Many appear to be secure HTTPS addresses, and they load a long URL with legitimate text.

Some fraudulent campaigns are sent out to thousands of potential consumers through infected computers which act like bots, sending emails from diverse global locations to evade spam filters. Investigators noted that during the last six months of 2019 alone, more than 1,700 domains which look similar to the official Amazon website were registered.

Relevant links:

https://www.ooda.com/

_____

Aquest apunt en català / Esta entrada en español / Post en français

Latest cybercrime threats, trends, and strategies

cibercrim.png2In October 2019, more than 400 experts from law enforcement, the private sector, and academia gathered at Europol’s headquarters in The Hague, to discuss “Law enforcement in a connected future”.

The 7th Europol-INTERPOL Cybercrime Conference looked at ways of efficiently combining the expertise, resources, and insights of law enforcement, the private sector, and the academic world to make the internet a safer environment, especially in a society which is becoming increasingly dependent on digital capabilities.

Key themes discussed included:

The benefits and challenges of Artificial Intelligence for the police; the potential impact of 5G technology; cross-border access to electronic evidence; obstacles to international cooperation in cybercrime investigations; the importance of cyber capacity building; cryptocurrency trends and challenges; the use of open-source intelligence and privacy considerations.

The meetings highlighted the fact that cybercriminals are becoming increasingly audacious, moving their focus to more widespread and elaborate attacks on more substantial and more profitable targets, with ominous potential for causing more damage.

This year’s conference saw 100 organisations and more than 70 different law-enforcement agencies participate in solution-orientated debates on how to collectively tackle the practical challenges at hand.

The conclusions emphasised the need for even closer cooperation in the areas of:

  • Business email compromise (BEC): while BEC continues to evolve, it continues to cause economic damage, taking advantage of segregated corporate structures and internal gaps in payment verification processes.
  • The dark web: as the dark web evolves, it becomes a threat in its own right and not just a platform for the sale of illegal products such as drugs, firearms, or compromised data.
  • Research and development: technology is developing at an ever-increasing pace, creating new challenges and opportunities for law enforcement. This is compounded by the data-volume challenge, legal challenges, and a constantly expanding threat surface.
  • Innovation: The incorporation of innovation, as part of an effective response to crime, is not exclusively a matter for the private sector.

The conference made clear that the world of cybercrime is agile and adapting, connecting and cooperating in ways we could never have imagined just a few years ago. Law enforcement must, therefore, adapt to this ever-changing criminal environment to protect society in the cyber domain.

_____

Aquest apunt en català / Esta entrada en español / Post en français

 

Threats to the cybersecurity of the 5G network

Among today’s many technological advancements, 5G (fifth-generation wireless network) is among the ones that will have the most impact on citizens. It offers two significant improvements in data transmission: more volume and more speed. These enhancements to the current network could have a significant effect on both the public and private sectors.

The issue of cybersecurity is one of the challenges facing 5G deployment, and the European Union wants its institutions to be instrumental in dealing with the problem. In March 2019, the European Council and the European Commission presented a series of recommendations outlining the steps and measures to be taken, both at a national and European level, to achieve the necessary high levels of 5G cybersecurity throughout the European Union.

One of the European-level measures was the issue of the Threat Landscape Report to assist member states with their national risk assessments. In October 2019, this was complemented by the publication of the EU coordinated risk assessment of the cybersecurity of 5G networks report. The report was compiled from information provided by Member States and from ENISA (the European Union Agency for Cybersecurity). Its risk assessment outlines the principal threats and threat actors, the assets that could be at risk from those threats, vulnerabilities, risk scenarios, and a set of existing security measures that could be used as a baseline for mitigating those risks and threats.

With regard to principal threats, the scenarios which pose the greatest danger are:

  • Local or global 5G network disruption affecting the availability of the network;
  • Spying of traffic or data in the 5G network infrastructure with implications for confidentiality;
  • The modification or re-routing of traffic or data in the 5G network infrastructure, which could affect the integrity or confidentiality of communications; and
  • The destruction or alteration of other digital infrastructures or information systems through the 5G network, which could affect the integrity or availability of services.

These threats, which already exist for the current network, become more significant with 5G because it increases their potential intensity and impact.

Among the conclusions drawn in the document, four are highlighted:

  • The technological changes introduced by 5G will bring about enhanced functionality at the edge of the network, a less centralised architecture, and an increase in the use of software as part of the 5G equipment. These factors will increase the overall attack surface and the number of potential entry points for attackers.
  • The new technological features of 5G will lead mobile network operators to rely more on third-party suppliers, which, in turn, will increase the number of system attack paths.
  • Any dependency on a single supplier increases the exposure to and consequences of potential supply incidences.
  • 5G networks will play an important role in the supply chain of critical network applications. This will impact the confidentiality, privacy, integrity, and availability of those networks, becoming one of the major national-security concerns and most significant security challenges from an EU perspective.

It should be noted that the Catalan Government has made the deployment of 5G technology a priority for the country, and already has the infrastructure to run usage tests like the one undertaken by TV3 when broadcasting the National Day of Catalonia on the 11th of September 2019.

https://europa.eu/rapid/press-release_IP-19-1832_en.htm

_____

Aquest apunt en català / Esta entrada en español / Post en français