Assessing the threat of organised cybercrime

0

Ransomware attacks, child sexual exploitation (CSE) and online fraud remain the most threatening manifestations of cybercrime in the European Union, according to the EU agency Europol in the tenth edition of the Internet Organised Crime Threat Assessment (IOCTA).

Europol says the human factor remains the weakest link in most cyber defenses. Multi-layered extortion models are increasingly common across the cybercrime threat spectrum, as ransomware groups fragment and re-form. Even after law enforcement takedowns, mirror sites quickly emerge. The dark web remains a key enabler for cybercrime, allowing offenders to share knowledge, tools and services in a more covert manner.

Investment, business email compromise (BEC), and romance fraud remain the most common types of cyber fraud in the EU, with phishing remaining the most common attack vector. When it comes to cryptocurrency, ransomware operators most often ask for Bitcoin when making ransom demands, as it is still easier to obtain than other types of coins – but the use of alternative coins (altcoins) appears to be on the rise.

Catherine De Bolle, the agency’s executive director for law enforcement cooperation, said in a foreword: “Cybercriminals are keen to make use of artificial intelligence, which is already becoming a common part of their toolkit and is likely to be used even more widely. Law enforcement agencies are expected to build robust capacity to counter the growing threats posed by this, both in terms of human resources and technical skills. Another worrying aspect of cybercrime is the young age of its perpetrators. Given that cybercriminals in many cases appear to be minors, a greater focus on prevention of perpetrators could deter young people from embarking on a criminal career.”

In terms of AI use, the threat assessment points to services offered on the dark web that can help online fraudsters develop scripts and create phishing emails. Malicious large language models (LLMs) are also being used in cases of sexual extortion, Europol reports. And for online fraud, deepfakes are being used to mimic voices, such as those of company executives; and AI is being used in the generation of an ever-increasing volume of online child sexual abuse material. The number of cybercriminals entering the market continues to grow steadily, Europol reports.

You can view the document on the Europol website.