Europol’s 2020 cybercrime report updates on the latest trends and the current impact of cybercrime within the EU and beyond.
So much has changed since Europol published last year’s Internet Organised Crime Threat Assessment (IOCTA). It is in this new normal that Europol publishes its 7th annual IOCTA. The IOCTA seeks to map the cybercrime threat landscape and understand how law enforcement responds to it. Although the COVID-19 crisis showed us how criminals actively take advantage of society at its most vulnerable, this opportunistic behaviour of criminals should not overshadow the overall threat landscape. In many cases, COVID-19 has enhanced existing problems.
Cross-cutting crime
Social engineering and phishing remain an effective threat to enable other types of cybercrime. Criminals use innovative methods to increase the volume and sophistication of their attacks, and inexperienced cybercriminals can carry out phishing campaigns more easily through crime as-a-service. Criminals quickly exploited the pandemic to attack vulnerable people; phishing, online scams and the spread of fake news became an ideal strategy for cybercriminals seeking to sell items they claim will prevent or cure COVID-19.
More sophisticated malware
Los ataques con programas de rescate se han vuelto más sofisticados, apuntando a organizaciones específicas en el sector público y privado a través del reconocimiento de las víctimas. Mientras que la pandemia de COVID-19 ha desencadenado un aumento de los delitos cibernéticos, los ataques con software de rescate se dirigían a la industria de la salud mucho antes de la crisis. Además, los delincuentes han incluido otra capa en sus ataques de rescate, amenazando con subastar los datos incluidos, lo que aumenta la presión sobre las víctimas para que paguen el rescate.
Ransomware attacks have become more sophisticated, targeting specific organisations in the public and private sector through victim reconnaissance. While the COVID-19 pandemic has triggered an increase in cybercrime, ransomware attacks were targeting the healthcare industry long before the crisis. Moreover, criminals have included another layer to their ransomware attacks by threatening to auction off the comprised data, increasing the pressure on the victims to pay the ransom.
Child abuse material on the rise
Las principales amenazas relacionadas con la explotación del abuso infantil en línea se han mantenido estables en los últimos años, sin embargo, la detección de material de abuso sexual infantil en línea experimentó un fuerte repunte en el punto álgido de la crisis de COVID-19. Los delincuentes siguen utilizando varias formas de ocultar este horrendo crimen, como las redes P2P, las plataformas de redes sociales y el uso de aplicaciones de comunicaciones cifradas. La corriente de maltrato infantil sigue aumentando y se ha hecho más popular de lo habitual durante la crisis de COVID-19, cuando las restricciones de viaje impidieron que los delincuentes abusaran físicamente de los niños. En algunos casos se utilizan aplicaciones de videoconferencia en sistemas de pago, lo que se convierte en uno de los principales desafíos para los organismos de represión, ya que este material no se graba.
The main threats related to online child abuse exploitation have remained stable in recent years, however detection of online child sexual abuse material saw a sharp spike at the peak of the COVID-19 crisis. Offenders keep using a number of ways to hide this horrifying crime, such as P2P networks, social networking platforms and using encrypted communications applications. Livestream of child abuse continues to increase, becoming even more popular than usual during the COVID-19 crisis when travel restrictions prevented offenders from physically abusing children. In some cases, video chat applications in payment systems are used which becomes one of the key challenges for law enforcement as this material is not recorded.
Payment Fraud
SIM swapping, which allows perpetrators to take over accounts, is one of the new trends in this year’s IOCTA. As a type of account takeover, SIM swapping provides criminals access to sensitive user accounts. Criminals fraudulently swap or port victims’ SIMs to one in the criminals’ possession in order to intercept the one-time password step of the authentication process.
Dark Web
In 2019 and early 2020 there was a high level of volatility on the dark web. The lifecycle of dark web market places has shortened and there is no clear dominant market that has risen over the past year. Tor remains the preferred infrastructure, however criminals have started to use other privacy-focused, decentralised marketplace platforms to sell their illegal goods. Although this is not a new phenomenon, these sorts of platforms have started to increase over the last year. OpenBazaar is noteworthy, as certain threats have emerged on the platform over the past year such as COVID-19-related items during the pandemic.
Leave a Reply