Ransomware Retains Its Dominance Among Threats, Says Europol

Among the different kinds of malware threats, ransomware still retains its dominance, according to the Europol Internet Organised Crime Threat Assessment 2018.

The Europol Assessment report says, “Even though the growth of ransomware is beginning to slow, ransomware is still overtaking banking Trojans in financially-motivated malware attacks, a trend anticipated to continue over the following years. In addition to attacks by financially motivated criminals, significant, public reporting increasingly attributes global cyber-attacks to the actions of nation states. Mobile malware has not been extensively reported in 2017, but this has been identified as an anticipated future threat for private and public entities alike.”

It further adds, “Illegal acquisition of data following data breaches is a prominent threat. Criminals often use the obtained data to facilitate further criminal activity. In 2017, the biggest data breach concerned Equifax, affecting more than 100 million credit users worldwide. With the EU GDPR coming into effect in May 2018, the reporting of data breaches is now a legal requirement across the EU, bringing with it hefty fines and new threats and challenges.”

The findings of the report gain relevance in the light of the ransomware attacks in the recent past, including high profile ones (WannaCry, NotPetya etc) and low-profile ones (Cerber, Cryptolocker, Locky etc), which have done great damages to businesses all over the world. Ransomware and ransomware attacks show an ever-evolving nature, with cybercriminals shifting attention from spam campaigns to highly targeted attacks, planned and executed against specific organizations.

The Europol report says, “As we have seen with other cyber-attacks, as criminals become more adept and the tools more sophisticated yet easier to obtain, fewer attacks are directed towards citizens and more towards small businesses and larger targets, where greater potential profits lie”

The report also warns organizations about the rising popularity of the cryptojacking malware among cybercriminals. The report points out, “Despite the revenues generated by ransomware, there are some predictions that cryptominers may overtake ransomware as money generators”. It further says, “Such attacks are infinitely more appealing to cybercriminals wishing to keep a low profile, requiring little or no victim engagement and, at least currently, minimal law enforcement attention
(with browser based mining not actually being illegal). Given that during 2017 Bitcoin prices reached a value of almost EUR 17 000 and the more easily mineable Monero reached almost EUR 400 (per coin), the risk vs reward clearly favours cryptomining, given that a typically quoted ransomware payment is around EUR 250.”

Europol also warns that remote access trojans still are a danger and data-stealing malware continues to be used in campaigns launched against businesses (mostly from the finance industry) as well as governments. The report also discusses telecommunication frauds, payment fraud, online child sexual exploitation etc.

Europol also stresses on the need for collaboration and additional training in the combat against cybercrime on the global level.