Europol report provides insights into cybercrime trends

4. October, 2023

In Austria, more than 60,000 offences in cybercrime were reported in 2022. Almost half of them were related to internet fraud. This new record value means an increase of more than 30 % compared to the previous year. A further significant increase is expected for the coming years. [1]

Criminals are increasingly adapting to new technologies and exploiting the unawareness of their victims. Europol has therefore launched an information series on the topic of “Internet Organised Crime Assessment” (IOCTA), which deals with the rapidly changing threats in cyberspace. In this series, experts assess the development of organised crime on the internet and highlight trends and changes over the last 24 months. Now Europol published the observations on the focus “Crime as a Service” in September 2023. [2]

Europol report: Cybercrime as a Service

The Europol report on cybercrime as a service examines widespread cyber-attacks for new methods and threats. It describes the different criminal structures in the background and shows how professionally the organisations integrate changes in geopolitics into their methods. One of the main goals of the criminals is to steal sensitive data.

Having this background knowledge can help companies to better assess their own threat situation and update their security strategy. Furthermore, it can be used to derive exercise scenarios for testing one’s own cyber defences.

Top 6 cybercrime trends

  1. Malware-based cyber-attacks, and among them especially ransomware, remain the biggest threat and usually have a significant financial impact on affected parties.
  2. Ransomware affiliate programmes have established themselves as a dominant business model for professional cybercriminals. There are signs that the targeted theft of sensitive information could become a major new threat.
  3. Phishing emails with malware, Remote Desktop Protocol (RDP) and exploiting vulnerabilities in virtual private networks (VPN) are the most common access methods used by cybercriminals. In further steps, legitimate software and tools integrated into operating systems are abused to spread in the victims’ infrastructure.
  4. Military developments around Ukraine led to an increase in distributed denial of service (DDoS) attacks against targets in the EU. The most significant attacks were politically motivated and coordinated by pro-Russian hacker groups.
  5. Initial Access Brokers (IABs, selling stolen credentials), Dropper-as-a-Service (companies are specifically compromised and access is then passed on) and Ransomware developers are the three main groups of actors carrying out cyberattacks. Some high-level cybercriminals profit heavily from the sale and trade of stolen data on criminal marketplaces.
  6. The war of aggression against Ukraine and Russia’s domestic politics have led cybercriminals to migrate to other regions.

Motives and targets of cyber attacks

Cyber-attacks motivated by both financial gain and political persuasion are becoming more targeted. They will continue to cause massive disruption across all industries and sectors.

The impact of cyberattacks varies depending on the target. It ranges from the unavailability of (public) services to the impairment of critical infrastructure, which can result in supply shortages, disruptions to public safety or other significant impacts.

A common consequence of cyber-attacks is the theft and publication of confidential data. In addition to violating privacy and data protection, such information can have an impact on the cyber security of those affected. This is because stolen sensitive data is often used as a basis for further or other attacks. Integrating these acute changes in the threat landscape into the current defence strategy is also essential.

This might also interest you:

Ransomware attacks 2023: new record values

Data Loss Prevention: Protecting data from loss and unauthorised access

Secure energy transition: Cybersecurity for energy suppliers

Sources:

MSSP of the Year 2024

SIEM

What is a SIEM?

Nozomi Guardian Air
HarfangLab Guard
MITRE ATT&CK Framework
v.l.n.r.: Joe Pichlmayr (CEO IKARUS) – Anouck Teiller (CSO HarfangLab) –Alexander van der Bellen (Bundespräsident Österreich) - Frédéric Joureau (Erster Botschaftsrat der französischen Botschaft in Wien) – Christian Fritz (COO IKARUS)
EDR
Cyber Kill Chain
Business Email Compromise
Prognosen für die zehn größten Cybersecurity-Bedrohungen für 2030
E-Mail Verschlüsselung
Schritt für Schritt zum Notfallplan für IT-Security-Incidents
Account Management
Bedrohung
Indicators of Attack
Gefahren durch vertrauenswürdige Services

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500
sales@ikarus.at

SUPPORT HOTLINE

Support hotline:
+43 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download