Europol cyber crime report highlights emerging threats to enterprise security

Ransomware attacks are becoming more targeted and less opportunistic, Europol has found, while warning enterprises of the threat posed by new and emerging forms of cyber attack. 

Ransomware is now a standard attack tool for cyber criminals, but there has been a shift from random attacks to targeting specific companies or people, The internet organised crime threat assessment 2018 report by Europol warns.

While there was not a large volume of reports last year, mobile malware is expected to grow as users shift from online to mobile banking – a threat to both private and public organisations.

European states must also be aware of emerging threats, such as cryptomining and payment card fraud. The targeting of financial instruments is not a new phenomenon, but criminals are now attacking businesses and users of cryptocurrencies.

Another emerging threat flagged in the report is the popularisation of “true” cryptomining malware, which uses the processing power of infected machines to mine cryptocurrencies without the owner realising.

The findings anticipate a more pronounced shift towards privacy-oriented currencies, with an increase in extortion demands and ransomware within cryptocurrencies.

Europol executive director Catherine De Bolle said the report highlights why law enforcers must be up to date with emerging technologies.

“Cyber crime cases are increasingly complex and sophisticated,” she said. “Law enforcement requires additional training and investigative and forensic resources in order to adequately deal with these challenges.

“The policing opportunities arising from emerging technologies, such as big data analytics and machine learning, need to be seized.”

Skimming bank cards, where data is illegally collected from the magnetic strip, remains a common problem throughout Europe, but card-not-present fraud continues to be a dominant threat.

The continued decrease in card skimming is a result of geoblocking measures as data is often sold overseas via the dark web, where Europay, MasterCard and Visa (EMV) have implemented either slow or non-existent service.

Rusty Carter, vice-president of product management at Arxan Technologies, a company specialising in application attack prevention and self-protection for internet of things (IoT), mobile and other applications, said: “There is no technological reason why traditional skimmers should still be effective.

“The industry and institutions should be looking ahead to move beyond traditional cards and even chip and PIN, to more advanced MFA [multi-factor authentication] before authorising payments and withdrawals.

“CNP fraud further highlights the need for MFA in transactions. Institutions and issuers will need to build the infrastructure to enable PoS [point of sale] and online merchants, and start requiring it at least initially for high-value transactions.

“These are well-known security techniques in other industries and enterprise information security, where additional authentication factors and environmental conditions need to be present, such as a secured app for token retrieval by the user, in order to escalate privileges.”

According to Europol, the most effective defence against cyber crime is the education of potential victims. Law enforcement organisations should raise awareness of threats and trends while supporting prevention, it said.

This includes working with cryptocurrency-related businesses such as exchangers, mining pools or wallet operators. Cyber crime investigators should receive specialist training for investigating cryptocurrencies.