Europol warns of crypto cyberattack increase

Europol is warning that cyberattacks which historically targeted traditional financial instruments are now targeting businesses and users of cryptocurrencies.

In its 2018 Internet Organised Crime Threat Assessment (IOCTA), the fifth anniversary edition of the report, Europol reveals that crime is everywhere, diverse and despicable.

Criminals are doing rather well

Along with the crypto crime craze, Catherine De Bolle, executive director of Europol, explains that “while Bitcoin’s share of the cryptocurrency market is shrinking, it still remains the predominant cryptocurrency encountered in cybercrime investigations”.

Currency exchangers, mining services and other wallet holders are facing hacking attempts as well as extortion of personal data and theft.

Money launderers have evolved to use cryptocurrencies in their operations and are increasingly facilitated by new developments such as decentralised exchanges which allow exchanges without any know your customer (KYC) requirements.

Europol says it is likely that high-privacy cryptocurrencies will make the current mixing services and tumblers obsolete.

The criminal mind

It’s not all about crypto. Elsewhere, Europol explains that West African fraudsters have evolved to adopt emerging fraud techniques, including those with more sophisticated, technical aspects, such as business email compromise.

Phishing continues to increase and remains the primary form of social engineering. And many of the classic scams, such as advanced fee fraud still result in a considerable numbers of victims.

Europol notes that ransomware retains its dominance. It says even though the growth of ransomware is beginning to slow, ransomware is still overtaking banking Trojans in financially-motivated malware attacks, a trend anticipated to continue over the following years.

According to the report, mobile malware has not been extensively reported in 2017, but this has been identified as an anticipated future threat for private and public entities alike.

Illegal acquisition of data following data breaches is a prominent threat. Criminals often use the obtained data to facilitate further criminal activity. In 2017, the biggest data breach concerned Equifax, affecting more than 100 million credit users worldwide.

With the EU GDPR coming into effect in May 2018, the reporting of data breaches is now a legal requirement across the EU, bringing with it hefty fines and new threats and challenges.

Criminals continue to use distributed-denial-of-service (DDoS) attacks as a tool against private business and the public sector. Such attacks are used not only for financial gains but for ideological, political or purely malicious reason. This type of attack is not only one of the most frequent (only second to malware in 2017); it is also becoming more accessible, low-cost and low-risk.

In addition, card-not-present fraud dominates payment but skimming continues.

Europol states that skimming remains a common issue in most of the EU member states. As in previous years, this continues to decrease as a result of geoblocking measures. Skimmed card data is often sold via the Darknet and cashed out in areas where Europay, Mastercard and Visa (EMV) implementation is either slow or non-existent.

Cryptojacking is an emerging cybercrime trend, referring to the exploitation of internet users’ bandwidth and processing power to mine cryptocurrencies. While it is not illegal in some cases, it nonetheless creates additional revenue streams and therefore motivation for attackers to hack legitimate websites to exploit their visitor systems. Actual cryptomining malware works to the same effect, but can cripple a victims system by monopolising their processing power.

The cure

Europol’s recommendations to stop all this are fairly obvious.

It says prevention and awareness campaigns should be tailored to include advice on how users of cryptocurrencies can protect their data and wallets.

Investigators should identify and build trust relationships with any cryptocurrency related businesses operating in their jurisdiction, such as exchangers, mining pools or wallet operators.

EU member states should increasingly invest or participate in appropriate specialist training and investigative tools in order to grow their capacity to effectively tackle issues raised by cryptocurrencies during investigations. Investigating cryptocurrencies must become an integral skill for cybercrime investigators.