top of page

Ransomware Remains Top Cyber Threat, Europol Reports

In a comprehensive report titled "Cyber-attacks: the apex of crime-as-a-service," released on September 13 as part of the IOCTA 2023 series, Europol has sounded the alarm on the persistent and evolving threat of ransomware attacks. The report offers critical insights into emerging cyber threats and methodologies, drawing from the observations of Europol's operational analysts.

Ransomware Remains Top Cyber Threat, Europol Reports

One of the central findings of the report is the continued dominance of malware-based cyber-attacks, with ransomware leading the charge. These attacks have far-reaching consequences, affecting a wide range of industries and organizations.

Europol's report also sheds light on the growing prominence of ransomware affiliate programs. These programs have emerged as the primary organizational structure for ransomware groups. They employ intricate extortion tactics, including data theft, to maximize their ill-gotten gains.

Phishing emails containing malware, Remote Desktop Protocol (RDP) brute forcing, and the exploitation of Virtual Private Network (VPN) vulnerabilities are identified as the most common intrusion tactics used by cybercriminals. These techniques underscore the need for heightened vigilance and cybersecurity measures among individuals and organizations.

Furthermore, the report highlights a concerning trend where cybercriminals are exploiting legitimate operating system tools to maintain persistence within compromised systems and navigate networks undetected. This approach makes it increasingly challenging to identify and mitigate cyber threats effectively.

Geopolitical events have also played a role in the cyber threat landscape. The Russian-Ukraine conflict, in particular, has led to a "significant boost" in Distributed Denial of Service (DDoS) attacks targeting EU entities. These politically motivated attacks are often orchestrated by pro-Russian groups, further emphasizing the need for enhanced cybersecurity measures in a rapidly changing world.

Europol's report goes on to underscore the pivotal roles played by Initial Access Brokers (IABs), droppers-as-a-service, and crypted developers in executing various cyber-attacks. These actors facilitate the entry and operation of cybercriminals in the digital realm.

Interestingly, high-tier cybercriminals are seen to benefit from active criminal marketplaces and IABs involved in the sale of stolen data. This economic dimension of cybercrime has led some cybercriminals to relocate, driven by geopolitical shifts.

As the inaugural installment of the Internet Organised Crime Assessment (IOCTA) 2023 series, this report is poised to become an indispensable resource for understanding the current state of cybercrime. It serves as a stark reminder of the urgent need for individuals and organizations to bolster their cybersecurity defenses.

To delve deeper into the evolving landscape of cybersecurity and online fraud, experts and stakeholders will convene at the 'Cybersecurity & Online Fraud Summit 2023,' scheduled for November 29 in Dublin. This summit promises to provide a platform for discussing and strategizing solutions to combat the ever-evolving threats posed by cybercriminals.

In addition to this comprehensive report, Europol plans to release a series of spotlight reports later this year. These reports will focus on specific areas within cybercrime, including cyber-attacks, online fraud, and child sexual exploitation. This concerted effort aims to provide actionable intelligence and insights to safeguard our digital world.

As the world becomes increasingly interconnected, the battle against cyber threats intensifies. Europol's report serves as a timely wake-up call, reminding us all that vigilance and collaboration are our best defenses in the ever-evolving landscape of cybercrime.



bottom of page