In its four-yearly flagship report into organized crime in Europe, Europol warns that acts of cybercrime, including attacks on critical infrastructure, are on the rise.
At the launch of the Serious and Organised Crime Threat Assessment (SOCTA 2021), Edvardas Sileris, head of Europol’s European Cybercrime Centre, cited malware (particularly ransomware) and DDoS attacks as the most common types of attack.
“Cyber-attacks are likely still significantly under-reported,” he warned.
The report highlights the scale of the problem, with the EU’s cybersecurity agency ENISA reporting the detection of 230,000 new malware infections every day.
At the same time, there’s been a “notable” increase in the number of ransomware attacks on public institutions and large companies, and an increasing tendency for cybercriminals to target smaller organizations – which may have lower security standards – through DDoS attacks.
Cybercrime-as-a-Service
Cybercrime is extremely dynamic, warned Sileris, exploiting quickly advancing technologies. Meanwhile, criminals are employing new business models, such as the rental of cybercrime skills and tools or profit-sharing deals.
“The availability of cybercrime services online as part of a crime-as-a-service business model makes cybercrime more accessible by lowering the technical expertise required to carry out these crimes,” he said.
“Critical infrastructure will continue to be targeted by cybercriminals, which poses significant risks. Developments such as the expansion of the Internet of Things and the increase use of artificial intelligence will have a significant impact.”
Other areas of concern for Europol include the increasing number of applications for biometrics data, along with deepfakes and the availability of autonomous vehicles.
Meanwhile, European Commissioner for home affairs Ylva Johansson called for more powers to access electronic evidence, adding that the bloc was considering taking action to ensure that service providers retained data so that it could be accessed by law enforcement.
“We must also deal with encryption,” she added. “Criminals hide their crimes with encryption that’s easy to use but impossible to break. We must find solutions.
“When police have lawful access to information, they must also be able to get actual access to that information.”
And she added that Europol’s new decryption facility was already providing help to member states, adding: “We will support research and innovation in policing – for example artificial intelligence – and supply training in the use of technology, for example to carry out digital investigations.”
Source: https://portswigger.net/daily-swig/surge-in-malware-and-cyber-attacks-set-to-continue-europol-warns-in-socta-2021-report