Review of the Europol 2020 Internet Organised Crime Threat Assessment

The 2020 Internet Organised Crime Threat Assessment (IOCTA) was published last week, reflecting how cybercrime affects citizens, businesses and organisations across the EU and the key role Europol plays by working with partners across law enforcement and the private sector to offer innovative solutions and effective, comprehensive support to investigations. 

IOCTA 2020

This sentiment is shared by the Cyber Resilience Centre as we represent a strong local partnership response to protecting the Greater Manchester business community from online crime, which we deliver by bringing together Law Enforcement, Academia and the Private sector locally.  

Whilst the full report addresses cross-cutting themes including child sexual exploitation, payment fraud and criminal use of the dark web. I want to focus on the key findings around cyber-dependent crime where once again the priority threats are social engineering, ransomware and other forms of malware. 

Additionally, the COVID-19 pandemic has illustrated how criminals take advantage of society when it’s at its most vulnerable. Whether through targeting of children for sensual exploitation and abuse (CSEA) as they spend more time online, targetted DDoS attacks on our healthcare services or ransomware attacks on vulnerable businesses being amplified through the increased home and remote working. 

Cross Cutting Crime

Data compromise remains a threat with consistent reporting of social engineering and phishing with organised criminals exploiting tools, systems and vulnerabilities and increasingly working together and being successful due to a lack of or inadequate security measures and insufficient awareness of staff. 

Business Email Compromise (BEC) continues to increase with growing evidence of criminals gaining a greater understanding of internal business processes and using this to time attacks to ensure the greatest impact. 

Ransomware remains a priority threat with victims still reluctant to come forward to report, which makes investigating such cases extremely difficult. It’s also becoming increasingly targeted, with offenders working with third-party providers to form a lethal combination. We’re seeing a perverse twist to guarantee payment with criminals threatening to auction or wipe sensitive company data. Whilst the investment costs for criminals has increased so to have the potential profits with attackers displaying higher skills, sophistication and adaptivity.

Ransomware tips

Malware attacks are also showing signs of being increasingly targeted and Emott leads the way as the benchmark of modern malware variants. Crime-as-a-service is enhancing the reach of attacks as offenders turn to the Dark web but mobile malware remains relatively stable.

Finally, we are seeing different types of DDoS, which is becoming increasingly adaptive with IoT devices now being affected by this threat vector whereby the threat posed is currently higher than it’s reported impact so one to watch out for. 

Much of this isn’t new and just goes further to evidence the need for effective partnership approaches such as the Cyber Resilience Centre to help raise awareness across our business community and provide help, guidance and support on how best to mitigate the threat.

Neil Jones | Detective Superintendent | Greater Manchester Police 

Here at the CRCGM, we are proud to offer memberships to help businesses of all sizes access affordable support for their cyber resilience. Click here for full details.