Europol Warning: Crypto-Ransomware Threat
Crypto-ransomware is now the biggest malware threat facing law enforcers, according to the latest annual Europol Report on the threat landscape.
The 2016 Internet Organised Crime Threat Assessment (IOCTA) claimed that the risks’ associated with ransomware which encrypts the victim’s data are greater than even data stealing malware or banking Trojans.
The findings seem to be in line with FBI appraisals of the threat, given the Bureau’s frequent public service announcements on the topic. Most recently it asked businesses and consumers to report any incidents of infection so it can get a better idea of the scale of the problem facing the authorities. Also, in recent research from the UK, Trend Micro claimed that 44% of businesses in the country had suffered a ransomware infection over the past 24 months.
"Ransomware is a threat that is clearly becoming more pervasive, and as we have seen from numerous successful attacks in 2016, attackers are continuing to walk away with large sums of money and wreak havoc on organizations by holding their valuable assets hostage,” explained TrapX Security CEO, Greg Enriquez.
“The challenge now is that Cyber-criminals are evolving their cryptographic ransomware techniques as they realize just how lucrative this attack method is.”
The Europol Report also highlighted a worrying development in the fraudulent use of NFC tap-and-pay mobile phones and contactless cards. The Report explains:\
“Several vendors in the Darknet offer software that uploads compromised card data onto Android phones in order to make payments at any stores accepting NFC payments. Moreover, at least one Member State reports instances of OCGs using contactless cards purchased from individuals who then report the card as lost. The OCGs were able to reset the cards once they had reached the purchase limit thereby allowing continued spending.”
Elsewhere, CEO fraud was highlighted as a “key threat” facing businesses.
The Darknet was blamed for helping fuel the growth of child exploitation online and end-to-end encrypted platforms as helping to facilitate the live streaming of child abuse.
Europol argued that collaboration and intelligence sharing and a “harmonised approach to undercover investigations” is required across the EU to combat illegality on the dark web.