Cybercrime: 10 Top Tactics and Trends
From Ransomware and DDoS to Malware and SIM Swapping: Europol Describes Latest Threats
According to the seventh annual Internet Organized Crime Threat Assessment, produced by Europol ransomware attacks remain the top cyber-enabled threat. But phishing, business email compromises and other types of fraud – many now using a COVID-19 theme – also loom large.
Here are 10 of the top threats from the Europol report in alphabetical order.
1. Business Email Compromise
BEC attacks continue to rise, Europol warns. “As criminals are more carefully selecting their targets, they have shown a significant understanding of internal business processes and systems’ vulnerabilities.”
2. COVID-19 Themes
Criminals tap into current events to trick potential victims and, of course, nothing this year has loomed larger than COVID-19. “Criminals tweaked existing forms of cybercrime to fit the pandemic narrative, abused the uncertainty of the situation and the public’s need for reliable information,” the report says. However, this is just the latest variation of long-established ploys.
3. Card Fraud
“Card-not-present fraud continues to increase as criminals diversify in terms of target sectors and electronic skimming – e-skimming – modi operandi,” the report notes. “Fueled by a wealth of readily available data, as well as a cybercrime-as-a-service community, it has become easier for criminals to carry out highly targeted attacks,” as well as to cash out stolen data, including payment card details.
4. Criminal Cooperation
One major malware concern for law enforcement agencies is the extent to which cybercriminals appear to be collaborating. “Both member states and private sector respondents have noticed an increase in subcontracting and cooperation among threat actors, which has improved their capabilities,” the report says. A similar trend has been seen with ransomware gangs increasingly cooperating over malware, infrastructure and money-laundering activities.
5. Distributed Denial-of-Service Attacks
While the overall quantity of DDoS attacks has recently declined, some individual attacks have nevertheless caused massive disruptions. “Law enforcement agencies also came across cases where threat actors engaged in small attacks against larger organizations, extorting them for money with the threat of conducting larger attacks,” the report says.
Another DDoS trend: Targeting smaller organizations that are less likely to have DDoS defenses in place and are thus relatively easy for extortionists to disrupt.
6. Modular Malware
In years past, banking Trojans were a favored tool for criminals keen to steal individuals’ bank details and drain their accounts. Today, more common is “more advanced, modular malware,” which is designed to give attackers a much broader range of capabilities, the report states.
Simply put, “ransomware remains the most dominant threat as criminals increase pressure by threatening publication of data if victims do not pay,” the report notes. The threat is being felt globally. Attacks appear to be getting increasingly targeted and could soon extend to smart cities and devices.
One challenge, however, is underreporting of such crime by victims. “Considering the scale of damage that ransomware can have, victims also appear to be reluctant to come forward to law enforcement authorities.”
8. SIM Swapping
This is the first IOCTA report to include subscriber identity module – aka SIM – swapping as one of the major trends. It’s included because this tactic has been causing “significant losses” and also attracting much more attention from law enforcement agencies, Europol says.
“As a highly targeted type of social engineering attack, SIM swapping can have potentially devastating consequences for its victims, by allowing criminals to bypass text message-based (SMS) two-factor authentication (2FA) measures gaining full control over their victims’ sensitive accounts,” the report states.
9. Smishing Attacks
Smishing – sending fraudulent text messages, often to emulate banks – is a fast-rising type of fraud that resembles phishing, but which may not be seen as suspicious by recipients. “As most bank customers receive the advice to be suspicious of emails, customers do not yet have the same level of skepticism towards potentially fraudulent text messages,” the report says. “In addition, it is difficult to impossible for banks to protect their customers from smishing attacks, as criminals aim to abuse the Alpha Tag of the SMS thread and Signaling System 7 (SS7) vulnerabilities.
10. Social Engineering and Phishing
Social engineering also remains a top threat – especially when it comes to phishing attacks. “Cybercriminals are now employing a more holistic strategy by demonstrating a high level of competency when exploiting tools, systems and vulnerabilities, assuming false identities and working in close cooperation with other cybercriminals,” Europol’s report states. “However, despite the trend pointing toward a growing sophistication of some criminals, the majority of social engineering and phishing attacks are successful due to inadequate security measures or insufficient awareness of users … as attacks do not have to be necessarily refined to be successful.”
If your organization has questions about any of these threats, or the needed precautions, call ITPAC today.