author photo
By Bruce Sussman
Wed | Oct 9, 2019 | 7:38 AM PDT

The EU agency that coordinates cybercrime investigations with agencies around the world just released its list of cyberattack trends.

It's worth considering the agency's top findings as a benchmark on cyberattacks and the cyber threat landscape.

Data and innovation: big for cybercriminals and law enforcement

Europol noted right off the top of its 6th annual cybercrime report that data continues to gain prominence.

"Data is the key element in cybercrime, both from a crime and an investigative perspective."

The report also reveals that cybercriminals are innovating. However, they do this only when forced to.

"... criminals only innovate their criminal behaviour when existing modi operandi have become unsuccessful or more profitable opportunities emerge. In essence, new threats do not only arise from new technologies but often come from known vulnerabilities in existing technologies that remain unpatched for extended periods of time."

Ah, yes, there's our old friend again: patch management. If your organization does not have a working program in this area, you are leaving yourself exposed. 

A failure to patch just led to the first successful attack against the U.S. power grid. And it was a gateway for cybercriminals in the Equifax mega-breach.

Cybercrime Top 10 list

Now, let's look at Europol's top 10 cybercrimes list, which reveals the top types of cyberattacks the law enforcement agency is seeing right now.

See these findings in greater detail in the Internet Organised Crime Threat Assessment (IOCTA).

1. Ransomware remains the top cybercrime threat in 2019.

"Even though law enforcement has witnessed a decline in the overall volume of ransomware attacks, those that do take place are more targeted, more profitable and cause greater economic damage. As long as ransomware provides relatively easy income for cybercriminals and continues to cause significant damage and financial losses, it is likely to remain the top cybercrime threat."

2. DDoS attacks—while using ransomware to deny an organisation access to its own data—may be the primary threat in this year's IOCTA.

 "Denying others access to that organisation's data or services is another significant threat. Distributed Denial of Service (DDoS) was one of the most prominent threats reported to Europol. Many banks report that DDoS attacks remain a significant problem, resulting in the interruption of online bank services, creating more of a public impact rather than direct financial damage."

3. Data overload in fighting child sexual exploitation material.

"The amount of material detected online by law enforcement and the private sector continues to increase. This increase puts considerable strain on law enforcement resources. One development that could be of concern for online child sexual exploitation is the ongoing improvements of deepfakes. Deepfake technology is an AI-based technique that places images or videos over another video."

4. Self-generated explicit material is more and more common.

"Driven by a growing number of minors with access to high-quality smartphones. A lack of awareness about the risks on the side of minors exacerbates the problem."

5. Smart cities: the most visible ransomware attacks in 2019 were those against local governments, specifically in the United States.

"Whether this trend will also become a threat to EU Member States is something to be seen, but experiences in the US are a warning."

6. Law enforcement is increasingly responding to attacks on critical infrastructure.

"Law enforcement appears to have become involved in a much wider variety of investigations into attacks on critical infrastructures, including attacks on the energy, transport, water supply, and health sectors. Attacks on these infrastructures by financially motivated criminals remain unlikely, as such attacks draw the attention of multiple authorities and as such pose a disproportionate risk."

7. The Darknet is becoming more fragmented.

"There are increases in single-vendor shops and smaller fragmented markets on Tor, including those catering for specific languages. Some organised crime groups are also fragmenting their business over a range of online monikers and marketplaces, therefore presenting further challenges for law enforcement."

8. Blockchain marketplaces are active.

"In addition to circumventing law enforcement, criminal developers are also motivated by the need to increase trust with their customer base on Tor, both in terms of anonymity but also by reducing the risk of exit scams. An example of such a market is Black Dog, scheduled for launch in August 2019. It claims to be the 'first-ever truly decentralised crypto market' and depends on the Ethereum blockchain to facilitate transactions."

9. Business Email Compromise (BEC) is changing.

"Data returns to the discussion of business email compromise, which is a crucial priority reported by both Member States and the private industry. While this crime is not new, it is evolving. This scam exploits the way corporations do business, taking advantage of segregated corporate structures, and internal gaps in payment verification processes."

[RELATED: BEC Losses Top $26 Billion in Six Years]

10. EU law enforcement emergency response protocol.

"The coordinated response to large-scale cyber-attacks remains a key challenge to effective international cooperation in the cybersecurity ecosystem. The development of the EU law enforcement emergency response protocol has significantly improved the cyber preparedness by shifting away from incongruent incident-driven and reactive response measures and acting as critical enablers for rapid response capabilities that support cyber resilience."

New podcast is a resource for cybersecurity leaders and professionals

We believe insights and collaboration can help organizations fight cybercrime.

Along these lines, SecureWorld is proud to announce The SecureWorld Sessions, a new cybersecurity podcast that gives you access to thought leaders who share strategies for securing your organization and growing your cybersecurity career. 

Listen to the trailer and search for it on your preferred podcast platform.

You can already download interviews with these security leaders:
     • Bruce Schneier
     • Tim Callahan, CSO of Aflac
     • Dawn-Marie Hutchinson, GSK's CISO for Pharmaceuticals and R&D
     • Shawn Tuma, Co-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane, LLP