Europol Identifies The Top Cyber Threats

Europol has just published a new threat report that highlights malware-based ransomware cyber attacks that are a major threat, and that ransomware affiliate programs have become the main form of crime for ransomware groups.

The report states: “Cyber criminals usually gain initial access through compromised user credentials or by exploiting vulnerabilities in the targeted infrastructure... Malware-based cyber-attacks, specifically ransomware, remain the most prominent threat with a broad reach and a significant financial impact on industry."

Of particular importance is how ransomware affiliate programs have become established as the main business model for ransomware groups who continue deploying multi-layered extortion methods, with indications that the theft of sensitive information might become the core threat.” 

The most common intrusion tactics include phishing emails containing malware, remote desktop protocol (RDP) brute forcing, and virtual private network (VPN) vulnerability exploitation.

The report details that after Microsoft blocked the option to deliver macros over the Internet in their applications, cyber criminals have shifted to using container files. Nevertheless, victims can still be infected with droppers through Internet search engines, where users are lured with search engine optimisation (SEO) keywords to download malware disguised as a legitimate program or tool.

It is also important to note the impact of Russia’s war against Ukraine on the process, which according to the report has led to a “significant boost” in DDoS attacks against targets in the EU and the highest profile attacks were politically motivated and coordinated by pro-Russian hacker groups. Recent examples include large-scale assaults on Poland and Lithuania.

Furthermore, the war in Ukraine, mass mobilisation in Russia, and Western sanctions have pushed some previously untouchable cyber criminals in the region to flee to jurisdictions in the EU. Among these was the creator of a data theft malware called “RacoonStealer”. This was a malware-as-a-service product sold to clients for $200 a month in crypto currencies and is thought to have been used to steal data and empty the digital currency wallets of more than two million victims.

Europol is also now making sexual exploitation a cyber crime priority as the web has enabled offenders to interact with each other online and obtain indecent material of children in volumes that were unimaginable 10 years ago.

The report concludes with a warning that cyber attacks are expected to increase as a criminal threat affecting the EU and that cyber criminals are likely to further embrace new technologies and maximise the reach of their services, with sensitive data as a core target.

Europol:      Europol:    Interpol:      I-HLS:    Professioanl Security:     Cybernews:     Computer Weekly:

You Might Also Read:

Qakbot Malware Taken Down:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Jargon Buster: Untangling The Complexity In Cybersecurity 
Zero-Trust: Protecting From Insider Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

ActiveCyber

ActiveCyber

ActiveCyber is a source for news, reviews, learning, and technological innovation in the active cyber defense industry.

Positive Technologies

Positive Technologies

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection.

National Intelligence Service (NIS) - South Korea

National Intelligence Service (NIS) - South Korea

The NIS oversees policy on cyber security in South Korea by formulating and coordinating the execution of such policy and devising necessary schemes and guidelines.

National Center for Manufacturing Sciences (NCMS)

National Center for Manufacturing Sciences (NCMS)

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

Ataya & Partners

Ataya & Partners

Ataya & Partners is a consulting company that delivers data protection, cybersecurity and IT & Digital governance services.

Swascan

Swascan

Swascan is the first all-in-one, GDPR Compliant, Cloud Security Suite Platform. GDPR Assessment, Web Application Scan, Network Scan, Code Review.

DFI

DFI

DFI is a global leading provider of high-performance computing technology across multiple embedded industries.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

Meterian

Meterian

The Meterian Platform is a fuss-free solution to protect you against vulnerabilities in your app’s software supply chain.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

Anzen Technology Systems

Anzen Technology Systems

Anzen create software solutions which allows organisations to utilize the public cloud for sensitive or classified information, whilst increasing data security and retaining data sovereignty.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.

Bluerydge

Bluerydge

Bluerydge specialises in cyber security and technology, focusing on the delivery of innovative sovereign solutions through trusted, cleared and experienced professionals.

Seers

Seers

Seers is the world’s leading privacy & consent management platform for companies worldwide. Trusted by over 50,000+ businesses.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.