{"id":16584,"date":"2019-10-14T09:10:05","date_gmt":"2019-10-14T17:10:05","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/10\/14\/news-10323\/"},"modified":"2019-10-14T09:10:05","modified_gmt":"2019-10-14T17:10:05","slug":"news-10323","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/10\/14\/news-10323\/","title":{"rendered":"Europol: Ransomware remains top threat in IOCTA report"},"content":{"rendered":"

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Oct 2019 16:00:00 +0000<\/strong><\/p>\n

The European Union Agency for Law Enforcement Cooperation, or Europol, just released its annual Internet Organized Crime Threat Assessment (IOCTA) report for the year. And we weren\u2019t surprised to find that ransomware, despite its palpable decline in volume these past few months\u2014a trend we\u2019ve also seen and documented<\/a>\u2014remains the most prominent threat in terms of prevalence and financial damage.<\/p>\n

It’s not just<\/em> data<\/h3>\n

While the IOCTA report talks about online threats that both consumers and businesses face on a daily basis, it also puts data at the center of it all. We rely on it\u2014often, all too much\u2014and criminals know this. And yet, most threat actors behind attack campaigns rely on our data to make their attacks more successful, compelling us to take action. After all, nowadays an attack that doesn\u2019t use data against its owners wouldn\u2019t be much of a money-earning scheme.<\/p>\n

Threat actors can deprive organizations and individuals\u2019 access to their own files by encrypting and holding them for ransom, such is the case for ransomware. And they can also deny the average user access to an organization\u2019s data (and services) through Distributed Denial of Service (DDoS) attacks<\/a>. According to Europol, such attacks with an extortion element<\/a> in them are the most prevalent.<\/p>\n

Data also enables other forms of online crime like fraud. Criminals are primarily after financial data, such as credit card information, online banking credentials, and cryptocurrency wallet data. They are also after personally identifiable information (PII)<\/a> and other login credentials. Such data fuels other profitable, targeted attacks like business email compromise (BEC)<\/a> scams, spear phishing, and account takeovers.<\/p>\n

There is also the challenge of data overload, particularly in the realm of child sexual exploitation (CSE) crimes. The staggering amount of material online detected by law enforcement and private companies continues to increase to the point that it\u2019s putting a strain on law enforcement resources to investigate these crimes. One contributing factor to the increase of availability of CSE material online is that more underage users are accessing and using social media, thus, criminals reach and communicate with them via these platforms.<\/p>\n

\n
\"\"
Courtesy of Europol<\/figcaption><\/figure>\n<\/div>\n

Other IOCTA findings<\/strong><\/h3>\n