Europol Identifies The Top Cyber Threats

Europol has just published a new threat report that highlights malware-based ransomware cyber attacks that are a major threat, and that ransomware affiliate programs have become the main form of crime for ransomware groups.

The report states: “Cyber criminals usually gain initial access through compromised user credentials or by exploiting vulnerabilities in the targeted infrastructure... Malware-based cyber-attacks, specifically ransomware, remain the most prominent threat with a broad reach and a significant financial impact on industry."

Of particular importance is how ransomware affiliate programs have become established as the main business model for ransomware groups who continue deploying multi-layered extortion methods, with indications that the theft of sensitive information might become the core threat.” 

The most common intrusion tactics include phishing emails containing malware, remote desktop protocol (RDP) brute forcing, and virtual private network (VPN) vulnerability exploitation.

The report details that after Microsoft blocked the option to deliver macros over the Internet in their applications, cyber criminals have shifted to using container files. Nevertheless, victims can still be infected with droppers through Internet search engines, where users are lured with search engine optimisation (SEO) keywords to download malware disguised as a legitimate program or tool.

It is also important to note the impact of Russia’s war against Ukraine on the process, which according to the report has led to a “significant boost” in DDoS attacks against targets in the EU and the highest profile attacks were politically motivated and coordinated by pro-Russian hacker groups. Recent examples include large-scale assaults on Poland and Lithuania.

Furthermore, the war in Ukraine, mass mobilisation in Russia, and Western sanctions have pushed some previously untouchable cyber criminals in the region to flee to jurisdictions in the EU. Among these was the creator of a data theft malware called “RacoonStealer”. This was a malware-as-a-service product sold to clients for $200 a month in crypto currencies and is thought to have been used to steal data and empty the digital currency wallets of more than two million victims.

Europol is also now making sexual exploitation a cyber crime priority as the web has enabled offenders to interact with each other online and obtain indecent material of children in volumes that were unimaginable 10 years ago.

The report concludes with a warning that cyber attacks are expected to increase as a criminal threat affecting the EU and that cyber criminals are likely to further embrace new technologies and maximise the reach of their services, with sensitive data as a core target.

Europol:      Europol:    Interpol:      I-HLS:    Professioanl Security:     Cybernews:     Computer Weekly:

You Might Also Read:

Qakbot Malware Taken Down:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Jargon Buster: Untangling The Complexity In Cybersecurity 
Zero-Trust: Protecting From Insider Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Trusted Computing Group

Trusted Computing Group

TCG was formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms.

Hotlava Systems

Hotlava Systems

HotLava network adapters enable today's powerful servers and workstations to deliver more productivity by reducing congestion at the network interface.

Libraesva

Libraesva

Libraesva specialize in Email Security. From Email Security, Phishing Awareness and Email Archiver. We can assist you with any email issues you may have.

Research Institute in Trustworthy Industrial Control Systems (RITICS)

Research Institute in Trustworthy Industrial Control Systems (RITICS)

RITICS is one of three Research Institutes formed as part of the UK National Cyber Security Strategy.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

Digital Ship

Digital Ship

Digital Ship provides news, information, conferences and events focused on digital ship systems, information technology and security relating to maritime operations.

KeepSolid

KeepSolid

KeepSolid is a Virtual Private Network services provider offering secure encrypted access to the internet.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

ePlus

ePlus

ePlus designs and delivers effective, integrated cybersecurity programs centered on culture and technology, aimed at mitigating business risk and empowering digital transformation.

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

HMS Networks

HMS Networks

HMS stands for Hardware meets Software. Our technology enables industrial hardware to communicate and share information with software and systems.

Sollensys

Sollensys

Sollensys is a leader in commercial blockchain applications. Our flagship product, The Blockchain Archive Server™ is the best defense against the devastating financial loss that ransomware causes.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

GreenPages Technology Solutions

GreenPages Technology Solutions

GreenPages provide expert strategic guidance and proven cloud-era solutions for our clients. Every day we help organizations leverage the cloud securely with less risk and cost.

Sterling Information Technologies

Sterling Information Technologies

Sterling is an information security, operational risk consulting and advisory group. Our Advisory services help to safeguard information assets while supporting business operations.

Tsaaro Academy

Tsaaro Academy

Tsaaro Academy is a unique privacy certification training platform and here you earn a privacy certification CEH, CISM and DPO from India’s No.1 Privacy training platform.