lolloj - Fotolia
Although 2016 will be remembered for the numerous breaches of users’ personal data by big-name companies offering online services, ransomware attacks have been the most common type of cyber criminal activity in the past year.
But this has been closely followed by an uptick in the number, power and sophistication of distributed denial of service (DDoS) attacks, which have been spurred by the proliferation of criminal online services enabling anyone who is willing to pay to target companies in this way.
2016 was also marked by several large breaches of user data by online services companies – the largest of the year involving 412 million user accounts – but the top breach revelation of the year was confirmation that 500 million user accounts were exposed in a 2014 breach at Yahoo.
Cyber crime in the financial sector was another hallmark of the year, with a series of bank heists associated with Swift followed by the theft of £2.5m from Tesco Bank customers towards the end of the year, resulting in numerous calls for better cyber security in banking.
But not all news about cyber crime was negative in 2016, with several news stories focusing on what law enforcement organisations are doing in the UK, Europe and internationally to turn the tide.
Here are Computer Weekly’s top 10 cyber crime stories of 2016:
This was confirmed by Eset data which showed that ransomware made up a quarter of UK cyber attacks, and was continuing to rise, while in August Trend Micro reported that the occurrence of ransomware families nearly doubled in the first half of 2016 compared with the whole of 2015 and PhishMe research concluded that ransomware is a mature business model for cyber criminals.
The impact of ransomware was underlined by a study, also published in August, that found that one in five businesses hit by ransomware are forced to close, but despite this harsh reality, another study found that almost two-thirds of US office workers were unaware of ransomware threat, emphasising the need for cyber security awareness training.
The UK is second only to the US in being targeted by distributed denial of service (DDoS) attacks with the aim of vandalism, disrupting businesses or extorting money from businesses, a report revealed in August.
Although DDoS mitigation technologies are fairly mature, security consultants report that after ransomware attacks, DDoS attacks were the most common reason for callouts from affected businesses in 2016. DDoS attacks are not new, but attackers have been exploring new techniques for delivering more powerful attacks over longer periods. DDoS attacks have also been driven by the release of the Mirai code for establishing IoT botnets and the availability of DDoS services for as little as $5 an hour.
In the biggest data breach of the year, user details of more than 412 million accounts were exposed in a data breach at FriendFinder Networks, that once again confirmed poor user data protection and poor password practices.
In addition to confirmation of a 2014 breach at Yahoo that exposed a record 500 million accounts, 2016 also saw a string of other breaches, including the Dailymotion breach, which prompted calls for password alternatives, the US Navy breach, which highlighted third-party cyber risk, the breach at mobile network operator Three, which highlighed several security issues, the Dropbox breach, and the Australian Red Cross Blood Service data breach, which showed security is still not a priority for many organisations.
In November, Tesco Bank was forced to halt online banking after thousands of current account customers were hit by fraudulent transactions by hackers, who managed to steal £2.5m.
Cyber security commentators said the Tesco Bank theft shows need to take cyber security more seriously. Interestingly, within weeks of the attack, academics from Newcastle University said payment card vulnerability could be linked the heist, and called for standardisation of online transaction checking.
The Tesco Bank heist also led to the UK’s Financial Conduct Authority (FCA) expressing concern about weaknesses in banks’ IT systems, which also emerged as a theme in 2016.
In October, the US Treasury called on banks to provide more cyber attack information after the attempted $1bn bank heist in which cyber criminals still managed to get away with $81m, which Swift said highlighted the gap between attacker and defenders. Swift also warns banks of fresh wave of cyber heists as security researchers reported financial cyber attacks were increasing as malware writers were join forces after cyber attacks on at least three Asian banks were found to share malware links
Despite the evidence that much cyber criminal activity is carried out by professional cyber crime organisations, many businesses are ill-equipped to deal with the threats posed by profit-oriented and highly organised cyber criminal enterprises, a BT-KPMG report revealed in July.
Underlining the trend toward industrialised cyber crime, a Symantec threat report showed that the UK ranks highly in phishing, social media and ransomware attacks as cyber criminals professionalise and take advantage of unpatched websites. The report showed the UK ranks as the most targeted nation in the world for spear phishing attacks. The UK is also the most targeted country in Europe for social media scams, and ranks second only to Germany in Europe for ransomware attacks.
As cyber criminal organisations have professionalised, fortunately law enforcement organisations have bee working to improve their ability to fight cyber crime, such as the UK’s National Crime Agency (NCA), which is working to increase its engagement with business, deputy director of the agency’s National Cyber Crime Unit (NCCU) Sarah Goodall told Computer Weekly.
In line with this strategy, the NCA published a report in July that showed business has critical role in fighting cyber crime, which was largely welcomed by the security industry.
Just as the NCA is pursuing new strategies in the UK, European law enforcement is fighting back, using collaboration and industry partnerships to compensate for a lack of resources. Insiders told Computer Weekly, that despite the challenges, law enforcemet is far more structured than in the past and there is more collaboration at all levels and even with national cyber incident response teams.
The UK was among 30 countries that contributed to the dismantling of a cloud-computing network used by cyber fraudsters to target one million users every week with malware-infected emails.
Other evidence that the tide may be turning is the number of arrests made of cyber criminals in 2016, including the hackers arrested in the Three mobile upgrade scam, the charging of more people with cyber crime offences, including the third member of an international ATM hacking gang by London police, and the jailing of cyber criminals including the Apple iCloud and Gmail hacker.