Europol’s European Cybercrime Centre has released the 2015 Internet Organised Crime Threat Assessment Report. The Report highlights the increasing professionalisation of cybercriminals in terms of how attacks are planned and orchestrated using new methods and techniques, and an increased risk appetite and willingness to confront victims.
Malware remains a key threat for private citizens and businesses. Ransomware attacks, particularly those incorporating encryption, were identified as a key threat both in terms of quantity and impact. Information stealers, such as banking Trojans, and the criminal use of Remote Access Tools also feature heavily in malware investigations.
The report notes that the attention of industry is yet not fully focused on cyber security or privacy-by-design – “many of the so-called smart devices are actually quite dumb when it comes to their security posture, being unaware of the fact that they are part of a botnet or being used for criminal attacks. The Simple Service Discovery Protocol, which is enabled by default on millions of Internet devices using the Universal Plug and Play protocol including routers, webcams, smart TVs or printers, became the leading Distributed Denial of Service amplification attack vector in the first quarter of 2015.”