14 DAY TRIAL // According to Europol's 2018 edition of the Internet Organised Crime Threat Assessment (IOCTA), ransomware maintains its supremacy as the key malware threat in most EU member states, while cryptojacking is becoming more and more prevalent.
"The Internet Organised Crime Threat Assessment (IOCTA) aims to inform decision-makers at strategic, policy and tactical levels in the fight against cybercrime, with a view to directing the operational focus for EU law enforcement," says Europol's report.
Regarding the ransomware threat, just like in the case of other malware types, Europol discovered that as soon as the malware tools are simpler to obtain and they become increasingly sophisticated and powerful, the attacks are slowly moving to the business sector which provides threat actors with higher payouts.
Moreover, because cryptojacking requires a lot fewer resources and comes with greater returns for the amount of effort put in, threat actors are increasingly employing it to use their victims' processing power to mine for cryptocurrencies.
"While law enforcement did not formally report any cases, there were again a number of incidents featured in the media such as the attack which resulted in healthcare systems in Finland grinding to a halt in February 2018," says Europol.
While ransomware keeps the top dog position in the threat ledger, cryptojacking is closing in very fast
Furthermore, Europol is also expecting for exploit kits as the primary infection attack vector to keep declining, slowly being replaced by other more modern techniques and methods such as Remote Desktop Protocol (RDP) brute-forcing, social engineering, and spam.
When it comes to data breaches, these type of attacks have been reported a lot more frequently after EU's GDPR came in to effect in May 2018 mainly because this is a legal requirement for all private and public organizations.
With all the reports surfacing this year, it's quite apparent that data breach attacks are now an obvious threat, with most threat actors using this type of attack as the first stepping stone to other criminal activity.
"According to these reports, external malicious actors carry out 73% of breaches, but 28% also involved internal actors. OCGs carry out 50% of breaches, whereas industry reporting attributes 12% of the breaches to state sponsored actors," according to Europol's 2018 IOCTA.
