Europol: Ransomware, Crime-as-a-Service Lead Cybersecurity Worries

A new report from Europol — the European Union’s (EU) international law enforcement agency — details the top cybersecurity threats facing both businesses and individuals, and the same threat highlighted recently by the FBI and others popped up: ransomware.

Ransomware — where computers and servers are infected with malware that encrypts files, and remain inaccessible while those behind the infection demand payment — hit an all-time high in the U.S. during the first half of the year, according to U.S. federal law enforcement numbers. And the Europol study named ransomware “the dominant concern for EU law enforcement.”

“2016 has seen the further evolution of established cybercrime trends,” Steven Wilson, head of the European Cybercrime Centre, said in a statement. “The threat from ransomware has continued to grow and has now expanded into sectors such as healthcare.

“However there are many positives to be taken from this year’s report. Partnerships between industry and law enforcement have improved significantly, leading to the disruption or arrest of many major cybercriminal syndicates and high-profile individuals associated with child abuse, cyber intrusions and payment card fraud.”

The report made note of several ransomware threats that have been particularly damaging in recent years, including Cryptowall, Curve-Tor-Bitcoin (CTB) Locker, Teslacrypt, and, most recently, Locky. The report — which aims to offer a cybersecurity threat assessment for both individuals and businesses, to help them better protect against cyber threats — recommends that ransomware investigations need better attention among investigators.

“There should be a continuous effort from all parties to prioritize the victim in the investigation of these crimes,” the report reads. “That includes law enforcement investing human and IT resources to improve the opportunities for victims to be identified.”

Besides ransomware, the report listed several other cybersecurity threats that have risen to prominence so far in 2016, include “Crime-as-a-Service,” where cybercrime tools and cyber specialists are put together for profit; payment fraud; and CEO targeting.

“Europol is concerned about how an expanding cybercriminal community has been able to further exploit our increasing dependence on technology and the internet,” said Europol’s director Rob Wainwright. “In response law enforcement authorities have increased their skill-sets and their capability to work together in platforms such as the European Cybercrime Centre at Europol, but the growing misuse of legitimate anonymity and encryption services for illegal purposes remain a serious impediment to the detection, investigation and prosecution of criminals.”